Yate server > Other Yate server issues

Users authentication

(1/1)

marchew:
I'm writing an external module for Yate. Amogst other things i want to authenticate users connecting to Yate via SIP. It works when i send an answer for user.auth with password as a retval.
Is there any possibility other than replying with cleartext password? Can i send md5(username:realm:password) or something similar instead?

vankooch:
You can use SIPS which encrypts the SIP messages, so passwords are not so plain. Yate does already support sips and rtps. Have look at the docs.
If you can make sure your sip clients do support md5 password authentication, then you could use a database backend in yate for registration. The query which fires up, needs then to check the hash.

marian:
The password you are returning in user.auth return value is not sent back on sip.
The sip module will check user credentials using the returned password and will accept or not the request.

Navigation

[0] Message Index