Yate Community Forum

Yate server => Other Yate server issues => Topic started by: marchew on September 23, 2013, 05:50:04 AM

Title: Users authentication
Post by: marchew on September 23, 2013, 05:50:04 AM
I'm writing an external module for Yate. Amogst other things i want to authenticate users connecting to Yate via SIP. It works when i send an answer for user.auth with password as a retval.
Is there any possibility other than replying with cleartext password? Can i send md5(username:realm:password) or something similar instead?
Title: Re: Users authentication
Post by: vankooch on October 17, 2013, 12:02:22 PM
You can use SIPS which encrypts the SIP messages, so passwords are not so plain. Yate does already support sips and rtps. Have look at the docs.
If you can make sure your sip clients do support md5 password authentication, then you could use a database backend in yate for registration. The query which fires up, needs then to check the hash.
Title: Re: Users authentication
Post by: marian on October 18, 2013, 01:14:49 AM
The password you are returning in user.auth return value is not sent back on sip.
The sip module will check user credentials using the returned password and will accept or not the request.