HI,
Ive tested the LDAP authentication using Kamailio 1.4.2 and it works great. However, I'd like prevent the passwords being sent back "in the clear" from the LDAP server. Is there a way to use the Kamailio ldap module with TLS/SSL? I already have openssl and openldap-client on the kamailio box and can successfully use the ldapsearch command line tool via TLS.
Sven Schulz
Penn State University
Hello,
I haven't checked myself, but try to set the ldap server url starting with "ldaps://" -- the library should handle it.
Cheers, Daniel
On 01/27/2009 10:07 PM, Sven Schulz wrote:
HI,
Ive tested the LDAP authentication using Kamailio 1.4.2 and it works great. However, I’d like prevent the passwords being sent back “in the clear” from the LDAP server. Is there a way to use the Kamailio ldap module with TLS/SSL? I already have openssl and openldap-client on the kamailio box and can successfully use the ldapsearch command line tool via TLS.
Sven Schulz
Penn State University
Kamailio (OpenSER) - Users mailing list Users@lists.kamailio.org http://lists.kamailio.org/cgi-bin/mailman/listinfo/users http://lists.openser-project.org/cgi-bin/mailman/listinfo/users
That worked, easier than I thought. Thanks.
On 1/27/09 3:50 PM, "Daniel-Constantin Mierla" miconda@gmail.com wrote:
Hello,
I haven't checked myself, but try to set the ldap server url starting with "ldaps://" -- the library should handle it.
Cheers, Daniel
On 01/27/2009 10:07 PM, Sven Schulz wrote:
HI,
Ive tested the LDAP authentication using Kamailio 1.4.2 and it works great. However, I¹d like prevent the passwords being sent back ³in the clear² from the LDAP server. Is there a way to use the Kamailio ldap module with TLS/SSL? I already have openssl and openldap-client on the kamailio box and can successfully use the ldapsearch command line tool via TLS.
Sven Schulz
Penn State University
Kamailio (OpenSER) - Users mailing list Users@lists.kamailio.org http://lists.kamailio.org/cgi-bin/mailman/listinfo/users http://lists.openser-project.org/cgi-bin/mailman/listinfo/users
On 01/28/2009 05:38 PM, Sven Schulz wrote:
That worked, easier than I thought.
great. I added a short note in the readme to mention about it.
Cheers, Daniel
Thanks.
On 1/27/09 3:50 PM, "Daniel-Constantin Mierla" miconda@gmail.com wrote:
Hello,
I haven't checked myself, but try to set the ldap server url starting with "ldaps://" -- the library should handle it.
Cheers, Daniel
On 01/27/2009 10:07 PM, Sven Schulz wrote:
HI,
Ive tested the LDAP authentication using Kamailio 1.4.2 and it works great. However, I¹d like prevent the passwords being sent back ³in the clear² from the LDAP server. Is there a way to use the Kamailio ldap module with TLS/SSL? I already have openssl and openldap-client on the kamailio box and can successfully use the ldapsearch command line tool via TLS.
Sven Schulz
Penn State University
Kamailio (OpenSER) - Users mailing list Users@lists.kamailio.org http://lists.kamailio.org/cgi-bin/mailman/listinfo/users http://lists.openser-project.org/cgi-bin/mailman/listinfo/users
Kamailio (OpenSER) - Users mailing list Users@lists.kamailio.org http://lists.kamailio.org/cgi-bin/mailman/listinfo/users http://lists.openser-project.org/cgi-bin/mailman/listinfo/users
2009/1/29 Daniel-Constantin Mierla miconda@gmail.com:
On 01/28/2009 05:38 PM, Sven Schulz wrote:
That worked, easier than I thought.
great. I added a short note in the readme to mention about it.
Cheers, Daniel
Thanks.
On 1/27/09 3:50 PM, "Daniel-Constantin Mierla" miconda@gmail.com wrote:
Hello,
Does this module support the start_tls option or any kind of level of certification based authentication, i.e SASL EXTERNAL?
How does your module code test authentication? Does it *need* a binddn and bindpw or can it bind as the user and report success/failure?
Thanks.
-
Daniel-Constantin Mierla -
Gavin Henry -
Sven Schulz