[asterisk-users] Asterisk and OpenLDAP
Olle E. Johansson
oej at edvina.net
Thu Nov 1 10:27:21 CDT 2012
31 okt 2012 kl. 15:07 skrev Giuseppe Longo <giuseppelng at gmail.com>:
> I don't want update Asterisk configuration, i want to query LDAP only
> for name and secret field.
>
Currently Asterisk can't do that. If you add Kamailio as a proxy in front of Asterisk, you can
easily authenticate with LDAP this way. There was some work by Philippe Sultan in this area
done years ago, but was never completed.
In SIP, the MD5 Digest authentication is based on the cleartext password being available
to calculate the hash. Therefore we can't use the LDAP authentication for binding as an authentication
mechanism in SIP. As long as we can have a binding (authentication for the server itself)
and query and in the result get a cleartext authentication username and secret,
kamailio should be able to do the job.
The Asterisk realtime driver assumes that you use a [peer] or [user] object like the ones
we use in a database - or that you query from the dialplan with the realtime function.
However, as stated earlier, this doesn't work in the SIP authentication that is based on
the data in peers and users.
Regards,
/Olle
--
* Olle E. Johansson - oej at edvina.net
* Kamailio & SIP Masterclass Miami FL December 2012
* http://edvina.net/training/
More information about the asterisk-users
mailing list