<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
</head>
<body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class="">
<div class=""><br class="">
</div>
<div class="">Thanks Colin,</div>
<div class=""><br class="">
</div>
<div class="">That sounds like a workable idea and would come in handy for other dynamic parts of the configuration .</div>
<div class=""><br class="">
</div>
<div class="">Cheers,</div>
<div class=""><br class="">
</div>
<div class="">Kevin Long</div>
<div class=""><br class="">
</div>
<br class="">
<div class="">
<div>
<blockquote type="cite" class="">
<div class="">On Jun 12, 2016, at 12:07 PM, Colin Morelli &lt;<a href="mailto:colin.morelli@gmail.com" class="">colin.morelli@gmail.com</a>&gt; wrote:</div>
<br class="Apple-interchange-newline">
<div class="">Mod_xml_curl is going to be your best bet for authenticating dynamically. Build a simple HTTP service in your preferred language. LDAP Bindings are widely available in basically every language.<br class="">
<br class="">
With mod_xml_curl, FS will make an HTTP call to your application each time someone tries to authenticate. You simply need to return a small XML document back with their credentials.<br class="">
<br class="">
Best,<br class="">
Colin<br class="">
<div class="gmail_quote">
<div dir="ltr" class="">On Sun, Jun 12, 2016 at 2:42 PM Kevin Long &lt;<a href="mailto:kevin.long@haloprivacy.com" class="">kevin.long@haloprivacy.com</a>&gt; wrote:<br class="">
</div>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<br class="">
Hi Stanislav,&nbsp; thanks for the response.<br class="">
<br class="">
Even if I do need some separate attributes, plaintext or A1 hashed,&nbsp; does the functionality exist in Freeswitch to do the authentication from LDAP from these attributes?<br class="">
<br class="">
My goal here is to run Freeswitch via Docker, because I intend to deploy it many, many times for small groups of users in an ephemeral way.&nbsp; So the configuration files, including the users extensions etc,&nbsp; would not be permanent and need to be generated on-the-fly
 when the instance is booted up.<br class="">
<br class="">
<br class="">
If there is another way people are doing this kind of thing,&nbsp; I would love to know.<br class="">
<br class="">
<br class="">
Thanks again,<br class="">
<br class="">
Kevin Long<br class="">
<br class="">
<br class="">
&gt; On Jun 12, 2016, at 7:18 AM, Stanislav Sinyagin &lt;<a href="mailto:ssinyagin@gmail.com" target="_blank" class="">ssinyagin@gmail.com</a>&gt; wrote:<br class="">
&gt;<br class="">
&gt; there's a principal difference in how authentication works in SIP and LDAP:<br class="">
&gt;<br class="">
&gt; SIP is using challenge-response, so the server needs either the<br class="">
&gt; cleartext password, or A1-hash.<br class="">
&gt;<br class="">
&gt; LDAP is primarily using salted hashes to store the passwords, so<br class="">
&gt; there's no way to retrieve the cleartext password.<br class="">
&gt;<br class="">
&gt; So, the best you can do, is to have a separate LDAP attribute for the<br class="">
&gt; SIP password, and keep clear text passwords in it. But then it comes<br class="">
&gt; to the same problem as before, that the users have to maintain two<br class="">
&gt; different passwords.<br class="">
&gt;<br class="">
&gt;<br class="">
&gt;<br class="">
&gt;<br class="">
&gt; On Sun, Jun 12, 2016 at 1:27 AM, Kevin Long &lt;<a href="mailto:kevin.long@haloprivacy.com" target="_blank" class="">kevin.long@haloprivacy.com</a>&gt; wrote:<br class="">
&gt;&gt;<br class="">
&gt;&gt;<br class="">
&gt;&gt; Hello,<br class="">
&gt;&gt;<br class="">
&gt;&gt;<br class="">
&gt;&gt; Can Freeswitch authenticate SIP phone logins from an LDAP directory ?<br class="">
&gt;&gt;<br class="">
&gt;&gt; Hoping to integrate this so my SIP users can use the same password/username they use for all other applications.<br class="">
&gt;&gt;<br class="">
&gt;&gt;<br class="">
&gt;&gt; Regards,<br class="">
&gt;&gt;<br class="">
&gt;&gt; Kevin Long<br class="">
&gt;&gt;<br class="">
&gt;&gt;<br class="">
&gt;&gt; _________________________________________________________________________<br class="">
&gt;&gt; Professional FreeSWITCH Consulting Services:<br class="">
&gt;&gt; <a href="mailto:consulting@freeswitch.org" target="_blank" class="">consulting@freeswitch.org</a><br class="">
&gt;&gt; <a href="http://www.freeswitchsolutions.com/" rel="noreferrer" target="_blank" class="">
http://www.freeswitchsolutions.com</a><br class="">
&gt;&gt;<br class="">
&gt;&gt; Official FreeSWITCH Sites<br class="">
&gt;&gt; <a href="http://www.freeswitch.org/" rel="noreferrer" target="_blank" class="">
http://www.freeswitch.org</a><br class="">
&gt;&gt; <a href="http://confluence.freeswitch.org/" rel="noreferrer" target="_blank" class="">
http://confluence.freeswitch.org</a><br class="">
&gt;&gt; <a href="http://www.cluecon.com/" rel="noreferrer" target="_blank" class="">http://www.cluecon.com</a><br class="">
&gt;&gt;<br class="">
&gt;&gt; FreeSWITCH-users mailing list<br class="">
&gt;&gt; <a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank" class="">
FreeSWITCH-users@lists.freeswitch.org</a><br class="">
&gt;&gt; <a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" rel="noreferrer" target="_blank" class="">
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br class="">
&gt;&gt; UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" rel="noreferrer" target="_blank" class="">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br class="">
&gt;&gt; <a href="http://www.freeswitch.org/" rel="noreferrer" target="_blank" class="">
http://www.freeswitch.org</a><br class="">
&gt;<br class="">
&gt; _________________________________________________________________________<br class="">
&gt; Professional FreeSWITCH Consulting Services:<br class="">
&gt; <a href="mailto:consulting@freeswitch.org" target="_blank" class="">consulting@freeswitch.org</a><br class="">
&gt; <a href="http://www.freeswitchsolutions.com/" rel="noreferrer" target="_blank" class="">
http://www.freeswitchsolutions.com</a><br class="">
&gt;<br class="">
&gt; Official FreeSWITCH Sites<br class="">
&gt; <a href="http://www.freeswitch.org/" rel="noreferrer" target="_blank" class="">
http://www.freeswitch.org</a><br class="">
&gt; <a href="http://confluence.freeswitch.org/" rel="noreferrer" target="_blank" class="">
http://confluence.freeswitch.org</a><br class="">
&gt; <a href="http://www.cluecon.com/" rel="noreferrer" target="_blank" class="">http://www.cluecon.com</a><br class="">
&gt;<br class="">
&gt; FreeSWITCH-users mailing list<br class="">
&gt; <a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank" class="">
FreeSWITCH-users@lists.freeswitch.org</a><br class="">
&gt; <a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" rel="noreferrer" target="_blank" class="">
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br class="">
&gt; UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" rel="noreferrer" target="_blank" class="">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br class="">
&gt; <a href="http://www.freeswitch.org/" rel="noreferrer" target="_blank" class="">
http://www.freeswitch.org</a><br class="">
<br class="">
<br class="">
_________________________________________________________________________<br class="">
Professional FreeSWITCH Consulting Services:<br class="">
<a href="mailto:consulting@freeswitch.org" target="_blank" class="">consulting@freeswitch.org</a><br class="">
<a href="http://www.freeswitchsolutions.com/" rel="noreferrer" target="_blank" class="">http://www.freeswitchsolutions.com</a><br class="">
<br class="">
Official FreeSWITCH Sites<br class="">
<a href="http://www.freeswitch.org/" rel="noreferrer" target="_blank" class="">http://www.freeswitch.org</a><br class="">
<a href="http://confluence.freeswitch.org/" rel="noreferrer" target="_blank" class="">http://confluence.freeswitch.org</a><br class="">
<a href="http://www.cluecon.com/" rel="noreferrer" target="_blank" class="">http://www.cluecon.com</a><br class="">
<br class="">
FreeSWITCH-users mailing list<br class="">
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank" class="">FreeSWITCH-users@lists.freeswitch.org</a><br class="">
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" rel="noreferrer" target="_blank" class="">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br class="">
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" rel="noreferrer" target="_blank" class="">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br class="">
<a href="http://www.freeswitch.org/" rel="noreferrer" target="_blank" class="">http://www.freeswitch.org</a><br class="">
</blockquote>
</div>
_________________________________________________________________________<br class="">
Professional FreeSWITCH Consulting Services: <br class="">
<a href="mailto:consulting@freeswitch.org" class="">consulting@freeswitch.org</a><br class="">
http://www.freeswitchsolutions.com<br class="">
<br class="">
Official FreeSWITCH Sites<br class="">
http://www.freeswitch.org<br class="">
http://confluence.freeswitch.org<br class="">
http://www.cluecon.com<br class="">
<br class="">
FreeSWITCH-users mailing list<br class="">
FreeSWITCH-users@lists.freeswitch.org<br class="">
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users<br class="">
UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users<br class="">
http://www.freeswitch.org</div>
</blockquote>
</div>
<br class="">
</div>
</body>
</html>