[reSIProcate] Managing authentication in an B2BUA
- From: Tomasz Nowak <t_nowak@xxxxxx>
- Date: Wed, 07 Mar 2007 15:32:18 +0100
Hi,
I'm using resiprocate (version 1.0.2) as a base for my B2BUA and wanted
to implement following scenario:
UserA B2BUA UserB
| | |
| 1.INVITE | |
|---------------------->| 2.INVITE |
| |---------------------->|
| | 3.401 Unauthorized |
| 4.401 Unauthorized |<----------------------|
|<----------------------| 5.ACK |
| 6.ACK |---------------------->|
|---------------------->| |
| | |
| 7.INVITE(credential) | |
|---------------------->| 8.INVITE(credential) |
| |---------------------->|
The idea is, that after receiving '401 Unauthorized' from UserB, B2BUA
should challenge UserA using realm & nonce taken from the message just
received from UserB. Later on, B2BUA can reuse the credential received
in message (7) to reINVITE UserB.
To setup DUM to be able to respond to digest challenges from UserB, I
have to use ClientAuthManager.
I suppose I'll need to modify ClientAuthManager::handle() method, so
that it will issue a challenge for UserA.
I'm wondering if I need to modify also
DialogSet::handledByAuthOrRedirect() so that it:
- doesn't send a reINVITE immediately (it has to be done after message (7)),
- return always true, so that the DialogSet (between B2BUA & UserB)
doesn't get destroyed.
Besides, how can I know, when an INVITE with credentials comes - do I
have to modify ServerAuthManager logic?
What are your thoughts on my idea - I'm affraid I can miss something or
introduce some bugs especially by modifying DialogSet code.
Best Regards,
Tomasz Nowak