10 Feb
2005
10 Feb
'05
4:34 p.m.
Hi all,
I'm planning to use SER with a 3rd party billing platform that
understands Cisco VSA as described here
http://www.cisco.com/univercd/cc/td/doc/product/access/acs_serv/vapp_dev/vs….
I've been looking into RADIUS implementation in SER and looks like it
cannot be used out of the box, there's no support for authorization
and native RADIUS authentication, only digest. Before I go on and add
necessary code to auth_radius module, I'd like to know if anyone has
implemented it and would like to share/sell his code.
Thanks.
10 Feb
10 Feb
11:57 p.m.
Dipole Moment wrote:
Hi all,
I'm planning to use SER with a 3rd party billing platform that
understands Cisco VSA as described here
http://www.cisco.com/univercd/cc/td/doc/product/access/acs_serv/vapp_dev/vs….
I've been looking into RADIUS implementation in SER and looks like it
cannot be used out of the box, there's no support for authorization
and native RADIUS authentication, only digest. Before I go on and add
necessary code to auth_radius module, I'd like to know if anyone has
implemented it and would like to share/sell his code.
As most SIP clients only support digest authentication, you also have to
use digest with your radius server.
regards,
klaus
11 Feb
11 Feb
11:33 p.m.
On 10-02 16:34, Dipole Moment wrote:
Hi all,
I'm planning to use SER with a 3rd party billing platform that
understands Cisco VSA as described here
http://www.cisco.com/univercd/cc/td/doc/product/access/acs_serv/vapp_dev/vs….
I've been looking into RADIUS implementation in SER and looks like it
cannot be used out of the box, there's no support for authorization
and native RADIUS authentication, only digest. Before I go on and add
necessary code to auth_radius module, I'd like to know if anyone has
implemented it and would like to share/sell his code.
I have to admit I do not know exactly how native RADIUS authentication
works, but what you are aiming for will most likely be not psssible.
Virtually all SIP user agent use digest authentication and thus SER
receives digest response hash only.
I suppose that in native radius authentication the client sends the
plaintext password to the RADIUS server for verification, but SER does
not know the password, it only knows the digest response hash.
Thus some RADIUS servers have been extended (or hacked, if you like) to
support digest authentication directly. SER encapsulates all digest
attributes received from the user agent into single RADIUS attribute
and sends it to the RADIUS server, which then verifies the digest
credentials and sends back Authorized/Unauthorized.
Jan.
7226
days inactive
7227
days old
2 comments
3 participants
participants (3)
-
Dipole Moment -
Jan Janak -
Klaus Darilion