[Freeswitch-users] Authentication of SIP phones against LDAP directory?
Kevin Long
kevin.long at haloprivacy.com
Sun Jun 12 22:41:27 MSD 2016
Hi Stanislav, thanks for the response.
Even if I do need some separate attributes, plaintext or A1 hashed, does the functionality exist in Freeswitch to do the authentication from LDAP from these attributes?
My goal here is to run Freeswitch via Docker, because I intend to deploy it many, many times for small groups of users in an ephemeral way. So the configuration files, including the users extensions etc, would not be permanent and need to be generated on-the-fly when the instance is booted up.
If there is another way people are doing this kind of thing, I would love to know.
Thanks again,
Kevin Long
> On Jun 12, 2016, at 7:18 AM, Stanislav Sinyagin <ssinyagin at gmail.com> wrote:
>
> there's a principal difference in how authentication works in SIP and LDAP:
>
> SIP is using challenge-response, so the server needs either the
> cleartext password, or A1-hash.
>
> LDAP is primarily using salted hashes to store the passwords, so
> there's no way to retrieve the cleartext password.
>
> So, the best you can do, is to have a separate LDAP attribute for the
> SIP password, and keep clear text passwords in it. But then it comes
> to the same problem as before, that the users have to maintain two
> different passwords.
>
>
>
>
> On Sun, Jun 12, 2016 at 1:27 AM, Kevin Long <kevin.long at haloprivacy.com> wrote:
>>
>>
>> Hello,
>>
>>
>> Can Freeswitch authenticate SIP phone logins from an LDAP directory ?
>>
>> Hoping to integrate this so my SIP users can use the same password/username they use for all other applications.
>>
>>
>> Regards,
>>
>> Kevin Long
>>
>>
>> _________________________________________________________________________
>> Professional FreeSWITCH Consulting Services:
>> consulting at freeswitch.org
>> http://www.freeswitchsolutions.com
>>
>> Official FreeSWITCH Sites
>> http://www.freeswitch.org
>> http://confluence.freeswitch.org
>> http://www.cluecon.com
>>
>> FreeSWITCH-users mailing list
>> FreeSWITCH-users at lists.freeswitch.org
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>> http://www.freeswitch.org
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://confluence.freeswitch.org
> http://www.cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
Join us at ClueCon 2016 Aug 8-12, 2016
More information about the FreeSWITCH-users
mailing list