Hi Igor, the Authorization header must be exactly the same because the uri is in the calculation of the response. A proxy or UA will maybe not process the ACK because of a wrong response.
We are copy the Authentication header to the ACK: This is correct: username="testcaller",realm="sip.example.com",nonce="55555",uri="sip:[EMAIL PROTECTED]",response="[skippedmysecondresponse]" But something is wrong with your second header. I think it should be similar with the AOR of the To Tag. We encountered of some problems with NAT where some SIP aware firewalls which replaces a private IP with the public IP and the request always failed. Feel free to read chapter "22 Usage of HTTP Authentication". Regards, Markus Igor Vanin wrote: > Hello, All > > Which URI should I use in "uri" parameter of Authorization header field in > ACK request after 200 response from server: the same URI as in INVITE request > or new Request-URI obtained from Contact HF of 200 response? > > After INVITE/401/ACK transaction, my softphone sends to the Proxy an INVITE > request with the following lines: > > INVITE sip:[EMAIL PROTECTED] SIP/2.0 > To: <sip:[EMAIL PROTECTED]> > Authorization: Digest > username="testcaller",realm="sip.example.com",nonce="55555",uri="sip:[EMAIL > PROTECTED]",response="[skippedmyfirstresponse]" > > Then I receive 200 response from server: > > SIP/2.0 200 OK > To: <sip:[EMAIL PROTECTED]>;tag=111 > Contact: <sip:[EMAIL PROTECTED]:5060> > > Then the UAC core generates ACK request with updated Request-URI: > > ACK sip:[EMAIL PROTECTED] SIP/2.0 > To: <sip:[EMAIL PROTECTED]>;tag=111 > Which Authorization header field is correct? > This: > Authorization: Digest > username="testcaller",realm="sip.example.com",nonce="55555",uri="sip:[EMAIL > PROTECTED]",response="[skippedmysecondresponse]" > or this: > Authorization: Digest > username="testcaller",realm="sip.example.com",nonce="55555",uri="sip:[EMAIL > PROTECTED]:5060",response="[skippedmysecondresponse]" > ? > > RFC-3261 claims that the ACK MUST contain the same credentials as the INVITE. > Is the "uri" parameter the part of "credentials", or it should match the > Request-URI of each request? > > -- > With best regards, Igor Vanin, St. Petersburg, Russia > mailto:[EMAIL PROTECTED] http://gpmail.spb.ru > > > _______________________________________________ > Sip-implementors mailing list > [email protected] > https://lists.cs.columbia.edu/cucslists/listinfo/sip-implementors _______________________________________________ Sip-implementors mailing list [email protected] https://lists.cs.columbia.edu/cucslists/listinfo/sip-implementors
