You can store only the ha1 (and ha1b if you have clients using that form
of auth username) in subscriber table (no plain text password in
database) and set calculate_ha1 -- see also the parameters related to
columns of auth_db for further adjustments.
Cheers,
Daniel
On 27/12/14 11:02, Olli Heiska
Thanks for your input, I thought about working with pv_auth_check, but the
problem is I can't decrypt the passwords from the database, they will be
either md5 hashes or some other hashes that can't be decrypted. Also I
can't access the password user is sending in order to encrypt it, so this
way of
I am not sure if i understand your question correctly, but if you want to
use any authentication source or encryption algorithm (for back-end
storage, e.g. for compliance with PCI DSS v2.0 and above) other then
standard db and ha1 hash then you may consider using pv_auth_check,
http://kamailio.org
Hello all,
During authentication, is there any way to affect the password user is
sending? I do suspect not as it is a clear security matter, but won't hurt
to ask. I use auth_db module with calculate_ha1 parameter set to 1. For
reasons in integrating Kamailio into my system architecture there is
