1. User's Guide
  2. Registrar Configuration
  3. LST Configuration

LST Configuration

To configure the Oracle Enterprise Communications Broker to use LSTs for authentication, you need to create a local subscriber table configuration element that identifies that LST. The LST must include users with minimum configuration of user name and password. Alternatively, an LST entry can include an AOR and a universal number. If there is no AOR, the username is assumed to be the AOR. The universal number field assigns a universal number to all contacts registered to the AOR.

You have the option of setting the registrar to authenticate. When messages requiring authentication are received and processed by the sip registrar, the Oracle Enterprise Communications Broker uses the identified LST for authentication.

In a local subscriber table configuration, you must define an object name. The Oracle Enterprise Communications Broker stores LST files in the /code/lst directory. Do not specify a path in the name field.

When the registrar configuration includes a reference to an LST, the registrar uses it as its user list. The configuration may or may not include digest authentication functionality, depending on user configuration. Additional registrar configuration includes setting the digest realm appropriately (this is required for authentication), and setting the hash secret. At this point you may save and activate your configuration.

Unencrypted passwords for each user in the table is computed with the MD5 hash function as follows: 

MD5(username:digest-realm:password)

Configure the Registrar with an LST

Define the registrar for using the Local Subscriber Table (LST) for registration authentication as opposed to an external resource, or to accept registrations without authentication.

  1. Access the SIP Registrar configuration object.
    Configuration tab, System Administration section, SIP Registrar.
  2. On the Modify Local Subscriber Table page, click the Manage LST button, and do the following:
    LST File Specify the LST file for this registrar. Choose an existing LST file from the drop-down list.
    Manage LST (Use to create an LST file.) Do the following:
    1. File Name—Enter a filename for your new LST XML file. The OECB stores these files in the /code/lst directory.
    2. Digest Realm—Enter the name (Realm ID) of the host realm initiating the authentication challenge. This value defines the protected space in which the digest authentication is performed. Valid value is an alpha-numeric character string.
    3. Encrypt File—Select o cause the system to encrypt the file.
    4. Encryption Secret—Click Set to display the Set Encryption secret dialog. Enter and then confirm the secret used in encryption and decryption of the passwords in the XML file. Once saved, the system does not echo this value back to the screen in plaintext format.
    5. Click OK—This creates your LST file and allows you to add subscriber entries.
    6. Click the Add button. The system displays the Add Local Subscriber Entry dialog. Enter Username, Password and AoR for this subscriber.
    Authentication Method Select LST from the drop-down list.
    Digest Realm Enter the name (realm ID) of the host realm initiating the authentication challenge. This value defines the protected space in which the digest authentication is performed. Valid value is an alpha-numeric character string.
    LST Hash Secret Click the Set button to display the Set LST hash secret dialog. Enter and then confirm the secret used in encryption and decryption of the LST.
  3. Save the configuration.

Edit an LST File

In the SIP Registrar configuration, select the LST file from the drop-down list and click the Manage LST button to display the Edit Local subscriber table dialog, from which you can add, change, copy and delete users from the LST.

Additional dialog controls include:

  • Verify— Parse the LST for format errors and report if the syntax/format is incorrect.
  • Save—Dismiss the dialog and save all changes.
  • Compare—Identify the changes made to this LST since the last save.
  • Change secret—Change the hash secret used to encrypt username, digest realm and password.
  • Close—Dismiss the dialog without saving changes.

Perform the following steps to add a user to the LST:

  1. Access the SIP Registrar configuration object.
    Configuration tab, System Administration section, SIP Registrar.
  2. Click the Add button. The system displays the Add Local Subscriber Entry dialog.
  3. username— Enter a username for this subscriber. Optional configuration includes, password, universal number and AoR.
    The value given in the username attribute must be the same as the username that will be sent in the Authorization Header in the Request message from the users. Refer to RFC 2617 Http Authentication for details.
  4. Password—Enter the password associated with the username of the client. This is required for all LOGIN attempts. The password displays while typing but is not saved in clear-text (i.e., *****). Valid value is an alphanumeric character string.
  5. Aor—The Address of Record attribute is optional to specify the address of record for the subscriber if it is different than the username.
  6. Universal number—The user's number in a format compatible for use within the routing table.
  7. Repeat the subscriber add process for as many subscribers as intended.
  8. Save and activate your changes when finished.