[asterisk-users] multi step auth?

Daniel Tryba daniel at tryba.nl
Wed May 9 09:37:02 CDT 2018


On Tue, May 08, 2018 at 03:04:55PM -0500, Jeff LaCoursiere wrote:
> Thats till doesn't change the SIP header.?? Basically they want to send a RE
> INVITE and authenticate my DID number.?? But my DID number does not have a
> peer or user entry in sip.conf.?? Perhaps I am answering my own question,
> but is that the only way this is going to work?

Maybe you should post their requirments (instead of your rephrasing of
them). Do they actually want to have different from/to and contact(!) in
one SIP dialog? But AFAIK you don't have such control in Asterisk, you
can only influence the original INVITE and than have Asterisk respond
to a auth challenge, which you can influence with defaultuser according
to sip.conf.

So experiment with something like
[user]
fromuser=thenumber
defaultuser=theusername
remotesecret=thepassword

and see what the fromuser in request is and what the authentication user
in the Authorization header is in step 3, according to sip.conf remarks
it should be:

From: <sip:fromuser at fromdomain>
To:....
Authorization: Digest username="defaultuser"....




More information about the asterisk-users mailing list