< Previous by Date	Date Index	Next by Date >
< Previous in Thread	Thread Index	Next in Thread >

Re: [reSIProcate] how to include "authorization" field in the first "INVITE" sip message

From: Scott Godin <sgodin@xxxxxxxxxxxxxxx>
Date: Wed, 2 Oct 2013 17:52:39 -0400

Hi Allen,

You should be careful about credential caching. The following rules are in RFC3261 section 22.3:

   The following rule is RECOMMENDED for proxy credential caching:

   If a UA receives a Proxy-Authenticate header field value in a 401/407
   response to a request with a particular Call-ID, it should
   incorporate credentials for that realm in all subsequent requests
   that contain the same Call-ID.  These credentials MUST NOT be cached
   across dialogs; however, if a UA is configured with the realm of its
   local outbound proxy, when one exists, then the UA MAY cache
   credentials for that realm across dialogs.  Note that this does mean
   a future request in a dialog could contain credentials that are not
   needed by any proxy along the Route header path.

DUM will only cache credentials within the same dialog.  I see you are trying to use the setImsAuthUser profile setting - are you really operating in an IMS environment?  I'm not really familiar with how auth works in IMS to help much with it.

Assuming no IMS - You could try capturing the authorization headers from your last outbound registration (using an outbound decorator - https://www.resiprocate.org/Modifying/Decorating_messages_sent) and placing them in the INVITE after calling makeInviteSession, but make sure you are not violating the RFC statement above.

Scott

On Wed, Oct 2, 2013 at 5:31 PM, Allen Guan <allenguan@xxxxxxxxx> wrote:

Hi, all,

I have a question: I want to include "Authorization" in the first "INVITE" sip message, my code is as follows:
---------
std::string sDialOutUser = DIALOUT_FROM_NUMBER;

NameAddr dialoutAor;
dialoutAor.uri().host() = g_uConferenceConfigure.m_
sExternalIp;
dialoutAor.uri().port() = g_uConferenceConfigure.m_iSIPPort;
dialoutAor.uri().user() = sDialOutUser.c_str();
Data dialoutpasswd("111");

oDialogUsageManager->getMasterProfile()->setDefaultFrom(dialoutAor);
oDialogUsageManager->getMasterProfile()->setDigestCredential(dialoutAor.uri().host(), dialoutAor.uri().user(), dialoutpasswd);
oDialogUsageManager->getMasterProfile()->setImsAuthUser(sDialOutUser.c_str(), oInviteMsgAddr.uri().getAorNoPort());

SharedPtr<SipMessage> inviteMessageUac = oDialogUsageManager->makeInviteSession(oInviteMsgAddr, &oLocalSdp);
--------

the generated sip message's "Authorization" has empty "nonce" and "response", I guess at least "response" should not be empty to include the digest credential information, right? Would you please kindly tell me what's the correct way to do it?

Thanks a lot!

-Allen

_______________________________________________
resiprocate-devel mailing list
resiprocate-devel@xxxxxxxxxxxxxxx
https://list.resiprocate.org/mailman/listinfo/resiprocate-devel

Follow-Ups:
- Re: [reSIProcate] how to include "authorization" field in the first "INVITE" sip message
  - From: Allen Guan

References:
- [reSIProcate] how to include "authorization" field in the first "INVITE" sip message
  - From: Allen Guan

Prev by Date: [reSIProcate] how to include "authorization" field in the first "INVITE" sip message
Next by Date: Re: [reSIProcate] how to include "authorization" field in the first "INVITE" sip message
Previous by thread: [reSIProcate] how to include "authorization" field in the first "INVITE" sip message
Next by thread: Re: [reSIProcate] how to include "authorization" field in the first "INVITE" sip message
Index(es):
- Date
- Thread