[reSIProcate] Managing authentication in an B2BUA
- From: Tomasz Nowak <t_nowak@xxxxxx>
- Date: Wed, 07 Mar 2007 15:32:18 +0100
Hi,
I'm using resiprocate (version 1.0.2) as a base for my B2BUA and wanted 
to implement following scenario:
UserA                  B2BUA                   UserB
 |                       |                       |
 |  1.INVITE             |                       |
 |---------------------->|  2.INVITE             |
 |                       |---------------------->|
 |                       |    3.401 Unauthorized |
 |    4.401 Unauthorized |<----------------------|
 |<----------------------|  5.ACK                |
 |  6.ACK                |---------------------->|
 |---------------------->|                       |
 |                       |                       |
 |  7.INVITE(credential) |                       |
 |---------------------->|  8.INVITE(credential) |
 |                       |---------------------->|
The idea is, that after receiving '401 Unauthorized' from UserB, B2BUA 
should challenge UserA using realm & nonce taken from the message just 
received from UserB. Later on, B2BUA can reuse the credential received 
in message (7) to reINVITE UserB.
To setup DUM to be able to respond to digest challenges from UserB, I 
have to use ClientAuthManager.
I suppose I'll need to modify ClientAuthManager::handle() method, so 
that it will issue a challenge for UserA.
I'm wondering if I need to modify also 
DialogSet::handledByAuthOrRedirect() so that it:
- doesn't send a reINVITE immediately (it has to be done after message (7)),
- return always true, so that the DialogSet (between B2BUA & UserB) 
doesn't get destroyed.
Besides, how can I know, when an INVITE with credentials comes - do I 
have to modify ServerAuthManager logic?
What are your thoughts on my idea - I'm affraid I can miss something or 
introduce some bugs especially by modifying DialogSet code.
Best Regards,
Tomasz Nowak