[OpenSIPS-Users] SIP password auth mechanism

Abdul Basit basit.engg at gmail.com
Tue Mar 7 03:26:26 EST 2017


Hi,

I have a scenario where I will create password HASH = SALT + STRING and
save SALT and resulted HASH only in DB.

I will transport random STRING value to my custom sip application as
password.

Digest authentication is not comply with this requirement.

Is that any supported authentication mechanism that can fulfill this
requirement.
or is there any more appropriate authentication mechanism by
opensips/kamailio?

One of the objectives is in case DB will compromise, users passwords will
not available because random STRING will not store in DB.

Looking forward for suggestions and comments.

--
regards,

abdul basit
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20170307/22a9814b/attachment.html>


More information about the Users mailing list