Hi Collin, I can only think that by doing this saving of nonce, and accessible by rest of the boxes in cluster, isnt it going to put the authentication mechsnism at risk ? Even if not, that means all the servers in your cluster supposed to behave predictably same ! Hence again security concern !
Take a look at secret param for auth module: http://www.kamailio.org/docs/modules/3.4.x/modules/auth.html Regards, Sammy On Jul 1, 2016 18:10, "Colin Morelli" <colin.more...@gmail.com> wrote: > Hey all, > > I'm running a cluster of Kamailio instances as a proxy/registrar for > another cluster of Freeswitch instances. I'm using http_async_client to > make HTTP queries to my API to fetch credentials on auth challenges. > Kamailio performs generating the header, and validating the result based on > the data provided from my API. > > I'm fairly sure the answer is no, but I was wondering if Kamailio has any > mechanism for getting access to the nonce/nc values in the challenges and > responses so I can store them somewhere accessible to the whole cluster. > Because my instances are transaction stateful, the request that is > challenged and the subsequent request with the response may be routed to > different instances and I want to validate the nonce correctly. > > I can move all of this into the API (the digest auth and verification), > but my next question would be whether or not there are any APIs for getting > access to this information in a structured format, or if I should just > shove the whole digest auth header in the request to my API and > parse/verify there. > > Thanks in advance. > > Best, > Colin > > _______________________________________________ > SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list > sr-users@lists.sip-router.org > http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users > >
_______________________________________________ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users