Hi all,
I am currently researching how to implement the client side of SIP
authentication in our system. I was wondering what should happen if a client
sends F1 (INVITE with no credentials) and receives F2 "407 Proxy
Authorization Required". Suppose the client resubmits an INVITE, F4, with
credentials (that is, a Proxy-Authorization header with a response parameter
is embedded), but the credentials supplied are actually invalid. How then is
the proxy likely to respond? In other words in the flow below what would F5
be?
Alice Proxy Bob
| | |
| INVITE F1 | |
|----------->| |
| 407 Proxy Authorization Required F2
|<-----------| |
| ACK F3 | |
|----------->| |
| INVITE F4 | |
|----------->| |
| ? F5 | |
|<-----------| |
| | |
| | |
(If F5 were another 407 message, then the client should *probably* have the
intelligence to parse this, and deduce that it's previous credentials were
invalid and give up. Were the client to dumbly resubmit another INVITE then
an infinite loop could result).
Any advice on this scenario would be appreciated.
Thanks,
Matthew Gardiner
Software Engineer
Aculab
Tel: +44 (0) 1908 273 911
Fax: +44 (0) 1908 273 801
Email: mailto:[EMAIL PROTECTED]
Website: <http://www.aculab.com>
_______________________________________________
Sip-implementors mailing list
[email protected]
http://lists.cs.columbia.edu/mailman/listinfo/sip-implementors
