El Miércoles, 12 de Diciembre de 2007, Andy Smith escribió:
I have configure Asterisk to SIP register to OpenSER, all works ok here and Asterisk sees OpenSER as a SIP peer and channel. The bit Im not getting is that when someone dials a number from a handset connected to Asterisk that needs to route out via OpenSER, Asterisk seems to pass the username and password credentials of the handset to OpenSER. Firstly if its going to do this, then what is the point of SIP registering Asterisk as its authenticating ever session as individual entities anyway, secondly this isnt scaleable :(
Repeat 1000 times with me: XDDDDD
Register is used JUST to **RECEIVE** calls, not to send calls.
SIP uses http-digest autentication. This means: in **EVERY** INVITE a proxy wnat to authenticate the client (Asterisk) receives a challenge from the proxy and the client must generate a hash (a response) with its credentials and the nonce received.