Introduction
This tutorial describes how to configure security realms to provide authentication and access control to SIP applications running in Cipango. A realm has a unique name, and is composed of a set of users. Each user has authentication information (for example, a password) and a set of roles associated with him/herself.
 | Declarative security is available in Cipango as of version 2.1.1 |
Sip Application configuration
In this tutorial, we'll who how to add SIP Digest authentication to the MyServlet servlet when receiving REGISTER and INVITE requests.
To add declarative security, add the following declarations in your sip.xml file:
Next step is to declare users and their credentials. To do so, we add the following jetty-web.xml configuration file to our application (in the same directory as sip.xml). In this file we configure a LoginService which is responsible for user management.
Final step is then to populate the realm.properties located in the etc directory of your cipango installation with all desired users and passwords. Each line in the file contains a username, a password, and 0 or more role assignments. For instance, to grant access to alice and bob with passwords foo and bar, add the following lines:
alice: foo bob: bar
You may now send REGISTER and INVITE requests to your servlet. These requests are authenticated and access is granted only to users alice or bob.