Search code examples
authenticationsipasterisk

Asterisk SIP custom authentication

I'm using ASTERISK to bridge sip calls inside my company.

Only authenticated/authorized users are allowed to make calls.

We already have a service that handles authentication, so is there any way to integrate the authentication from asterisk (sip.conf) to our service ?

So, instead of typing all users and passwords in sip.conf asterisk could simply call some API that communicates with our authentication service.

Basically I need a way to get the username/password from the SIP device and authenticate. Since each user has a different password it would become impractical to type it all inside sip.conf when we already have all the users/passwords in our database.

Thanks

Solution

  • There are plenty ways to do auth in asterisk

    • use asterisk realtime architecture, auth is via database(mysql/odbc). This one is HIGHLY recommended method. For realtime sip integration see this.
    • use exec include method(on reload execute external script which supply config). Will change config only on reloads. Check this link
    • use openser(kamailio/opensips) before asterisk, use avpairs with curl to got answer from your API. Your API has to be REALLY quick and you need to be an expert in opensips/kamailio.

    Since all that is quite common things for asterisk, probably you need an asterisk expert to validate/security audit/performance audit for your system or you need someone from your staff to read some books like O'Reilly's Asterisk The Future Of Telephony just to understand some possible issues.