[asterisk-dev] Introduction to ASA - the Asterisk Security Architecture

Johansson Olle E oej at edvina.net
Tue Oct 14 09:09:54 CDT 2008

14 okt 2008 kl. 15.54 skrev Michiel van Baak:

> On 13:28, Tue 14 Oct 08, Johansson Olle E wrote:
>> 14 okt 2008 kl. 12.57 skrev Vadim Lebedev:
>>> Johansson Olle E wrote:
>>>> Friends,
>>>> I've collected some notes and ideas and produced yet another PDF  
>>>> for
>>>> you to look at, read and then discuss.
>>>> http://edvina.net/asterisk/asa-intro.pdf
>>> Ole
>>> What do you think about possibility to use PAM for  authentication?
>> Authentication schemes depend on the actual application. PAM might  
>> work
>> in some cases, but for instance not with SIP, since to calculate the
>> MD5 hash,
>> SIP needs the password in clear text, which I belive PAM would not
>> deliver.
>> If it does, I'm worried... ;-)
>> Having said that, PAM might work for manager auth (but again not for
>> the MD5 version)
>> and other Asterisk applications.
> Please dont make it depend on PAM.
> There are platforms where you dont have that ;)
Well, I don't think we should depend on any external authentication  
but be able to use them when it's possible and the sysadm wants to.

We had a res_auth earlier in the bug tracker that authenticated towards
radius and ldap if I remember correctly.


More information about the asterisk-dev mailing list