On 10/20/15 12:50 PM, Anand Konji wrote:
Generally (but not limited to ),
- 407 proxy responses for messages sent to SIP clients.
- 401 responses for messages sent to SIP servers.
Not quite. A 407 can be returned for any request if it happens to go
through a proxy that cares.
And a 401 can be returned by any UAS. Note that UAS means UA Server. Any
UA acts as a server some of the time. Some UAs, like registrars, are
more likely to send 401s.
E.g.
- messages like INVITE & BYE will receive 407 responses
INVITE and BYE *could* also receive 401 responses, though it isn't common.
- messages like REGISTER & SUBSCRIBE will receive 401 responses.
A REGISTER is indeed likely to require authentication, and so return a
401. But it is also possible that it could get a 407.
It is pretty common to authenticate a REGISTER by challenging with 401.
And then to subsequently put a proxy in the path of future requests, and
for the proxy to only permit other requests if a registration is active
- doing this in lieu of challenging other requests. But it is tricky to
get this right. You need to somehow ensure that the subsequent requests
are from the same UA that is registered. The only IETF defined way to do
that is via RFC5626.
And note that in principle it should not be necessary to register before
sending requests. Registration is for the purpose of getting requests
that were sent to the AoR.
So another approach is for there to be a proxy in the signaling path for
all requests from a UA, that challenges (with 407) and requires
authentication of the From address before letting the request pass.
I think you should not worry so much about which messages are getting
these responses. Instead, simply have common logic to deal with them
whenever you are challenged.
Thanks,
Paul
On 20-Oct-2015 8:07 PM, "Brett Tate" <br...@broadsoft.com> wrote:
You are totally right, although I have a confusion here about
what proxy is challenging me with the 407 response code?
An intermediary (proxy or B2BUA) is challenging the request.
I mean by the word proxy what does the server mean?
RFC 3261 section 6 provides the definition of proxy. However if a B2BUA
relays requests, it may challenge such requests using a 407 response.
RFC 3261 section 22.3 may be helpful.
_______________________________________________
Sip-implementors mailing list
Sip-implementors@lists.cs.columbia.edu
https://lists.cs.columbia.edu/mailman/listinfo/sip-implementors
_______________________________________________
Sip-implementors mailing list
Sip-implementors@lists.cs.columbia.edu
https://lists.cs.columbia.edu/mailman/listinfo/sip-implementors
_______________________________________________
Sip-implementors mailing list
Sip-implementors@lists.cs.columbia.edu
https://lists.cs.columbia.edu/mailman/listinfo/sip-implementors
