Hi,
According to RFC 3261, 22.2 User-to-User Authentication:
Once authentication credentials have been supplied
(either directly by the user, or discovered in an internal keyring),
UAs SHOULD cache the credentials for a given value of the To header
field and "realm" and attempt to re-use these values on the next
request for that destination. UAs MAY cache credentials in any way
they would like.
Can this also be applied to requests with the AOR in the To header? For
example the REGISTER request and the SUBSCRIBE request for the reg event:
REGISTER --->
401 Unauthorized <---
REGISTER (with Authorization) --->
200 Ok <---
SUBSCRIBE (reg) --->
401 Unauthorized <---
The SUBSCRIBE for the reg event contains the same URI in the To header
field as the REGISTER request. To avoid the 401 response for the
SUBSCRIBE request is it allowed to use the same authorization
credentials in the SUBSCRIBE request?
kind regards,
Sigrid Thijs
_______________________________________________
Sip-implementors mailing list
[email protected]
https://lists.cs.columbia.edu/cucslists/listinfo/sip-implementors
