[asterisk-users] Confused by concepts behind pjsip: endpoint, aor, contact

Joshua Colp jcolp at digium.com
Sun Jan 4 19:48:20 CST 2015

Antonio Gómez Soto wrote:


> I did not mean they are the same, I meant that there seems to be a
> one-to-one relationship.
> So I am wondering, since the auth does seem useless without an aor, but
> an aor
> can exist without an auth, why was the auth object created in the first
> place,
> instead of extending the aor object with username/password/etc fields?

Auth is useless on its own but is used by many things - in fact it's not 
even used directly by an AOR. It's configured on an endpoint to do 
authentication of inbound traffic from that endpoint. It's also used by 
outbound registration and outbound publish in response to challenges.

While it would be possible to combine them you've now got duplicated 
stuff across different configuration items, both for configuration and 
also from an implementation perspective. As it is done right now *all* 
of the authentication is the same code for everything and there is no 
duplication. Fix a bug in it and you fix it for everything.

> I think auth's only use would be when all the aor's would register using
> the exact
> same credentials, and even then it would only save a small amount.

I don't understand what you mean.

> But I bet you're now going to say, those small amounts are going to add up..

Joshua Colp
Digium, Inc. | Senior Software Developer
445 Jan Davis Drive NW - Huntsville, AL 35806 - US
Check us out at: www.digium.com & www.asterisk.org

More information about the asterisk-users mailing list