login | register
Sat 05 of Jul, 2008 [03:00 UTC]

voip-info.org

Navigation
Today's Deals
Recently Visited Pages
Search with Google
Search this site with Google. Results may not include recent changes.
 
Google Ads
Last Changes
Shoutbox
  • Samuel, Thu 03 of Jul, 2008 [13:41 UTC]: ok thank you
  • Mats Karlsson, Thu 03 of Jul, 2008 [13:37 UTC]: Nice Samuel, will look forward to rad it.
  • bwl_fernstudent, Thu 03 of Jul, 2008 [09:08 UTC]: Your blog shows some usefull code
  • Samuel, Thu 03 of Jul, 2008 [08:04 UTC]: I'll translate it, for sure
  • Mats Karlsson, Wed 02 of Jul, 2008 [20:46 UTC]: LOL, in french! Translate it to English and I will read it.
  • Samuel, Wed 02 of Jul, 2008 [08:07 UTC]: Hello, i wrote a blog about Asterisk, speaking about installation,programming and more http://sambranche.blogspot.com/
  • Nick Barnes, Tue 01 of Jul, 2008 [17:46 UTC]: Steve - Asterisk doesn't 'fit into linux' - it's an application which runs on top of Linux.
  • Steve, Mon 30 of Jun, 2008 [18:07 UTC]: anyone know where I can find a block diagram of how asterisk fits into linux. my f'ing bosses want me to draw something up.. ugh.
  • akbar, Fri 27 of Jun, 2008 [10:37 UTC]: marley_boyz@yahoo.com how to configure call forward, call back, call pick up using TDM and asterisk 1.2.13... please help me.. thx...
  • Matthew Williams, Tue 24 of Jun, 2008 [22:37 UTC]: We are looking for Tier II VoIP Support Technicians in St Louis. Send resumes to mwilliams AT voxitas DOT com.
Server Stats
  • Execution time: 0.41s
  • Memory usage: 2.57MB
  • Database queries: 33
  • GZIP: Disabled
  • Server load: 0.82

Asterisk user authentication

There are at least a couple of reasons why you would want to authenticate a user:
  • restrict access to voicemail
  • give authenticated users access to more extensions such as allow them to call in and then make outgoing calls (useful for people at hotels and possibly reduced log distance rates for cell phone users)

There are 4 ways that I know of to authenticate a user:
  • voicemail system. Once authenticated, user can:
    • change their own password
    • change voicemail messages
    • listen to, save, forward, and delete voicemail messages
    • voicemail.conf allows you to specify certain mailboxes that the user, once authenticated, can get forwarded to another context (this is how you can give them access to additional extensions). Read about the dialout parameter http://www.voip-info.org/tiki-index.php?page=Asterisk+config+voicemail.conf
    • this method does not currently allow you to read passwords from db or ldap (I think) but does allow each user to use (and maintain) their own password. I really hope that read/write ldap support will be added in the near future.
  • DISA command provides a dialtone, user must enter a password to get forwarded to the specified context where they get another dial tone and they can then use extensions in that new context. Usually used with no-password argument (with authenticate command before it since the the authenticate command is more user friendly). When used with no-password, DISA is only different than WaitExten in that it will forward the entered extension to another context
  • authenticate command asks a user to enter a given password in order to continue execution (it asks again if an incorrect password is given). A file or database can also be used to list passwords. Hopefully this will be modified in the future to prompt for both user name password AND add support for ldap storage
  • authenticate by caller id. This isn't particularly secure since callerid can be spoofed .. but is the easiest for users to use since the user doesn't have to enter any authentication password). This method requires that the nember calling in be known and authenticated prior to the caller using this system.


Examples:
[public]
exten => s,1,Wait(0)
exten => s,2,Macro(authbyCID,${CALLERIDNUM})
exten => s,3, whatever happens if they don't authenticate by callerid


[macro-authbyCID]
; Forward authorized callers to trusted
; ARG1 = CALLERIDNUM
exten => s,1,GotoIf($[${ARG1} = 5195551234]?trusted,s,1) ; Brian's house


[trusted]
; used by trusted extensions or authenticated users to get access to external lines and internal extensions

exten => s,1,Answer
exten => s,2,DigitTimeout(10) ; Set Digit Timeout to 10 seconds
exten => s,3,ResponseTimeout(12) ; Set Response Timeout to 12 seconds
exten => s,4,Background(trusted) ; play message telling them they can dial extensions (I have "1" set up to ring into office like a normal incoming call)
exten => s,5,WaitExten(8) ; could be replaced with DISA(no-password,trusted) for same effect
exten => s,6,Hangup



  • authenticate and DISA

exten => s,1,Authenticate(XXXXX)
exten => s,2,DISA,no-password|toll-access
exten => s,3,Hangup

See Also


Created by bjohnson, Last modification by Jose F Franco on Wed 10 of Jan, 2007 [14:22 UTC]

Comments

Please update this page with new information, just login and click on the "Edit" or "Add Comment" button above. Get a free login here: Register Thanks! - support@voip-info.org

Page Changes | Comments

Sponsored by:
Terms of Service Privacy Policy
© 2003-2008 VOIP-Info.org LLC

Powered by bitweaver