Re: [reSIProcate-users] The credential of refresh registration
Thank you
On Fri, Jun 24, 2011 at 11:19 PM, Scott Godin
<sgodin@xxxxxxxxxxxxxxx> wrote:
You will likely need to modify the source code anyway, since there is no application callback for registration refreshes (in order to clear the auth state for subsequent refreshes).
Scott
On Fri, Jun 24, 2011 at 11:17 AM, Karlsson
<boost.regex@xxxxxxxxx> wrote:
mDum.mClientAuthManager.get()->clearAuthenticationState(DialogSetId(response));
can't access the prviate member, the mClientAuthManager is a private member.
Seems I should modify the DUMm source code.
On Fri, Jun 24, 2011 at 10:49 PM, Scott Godin
<sgodin@xxxxxxxxxxxxxxx> wrote:
Ok, let's try again with another idea. If you call ClientAuthManager::clearAuthenticationState with a DialogSetId from the registration after a successful registration, I believe this will erase the stored auth info in ClientAuthManager for this DialogSet, and will cause the next refresh to go out without authentication headers. This sounds like a much better overall solution, if it ends up working for you.
Good luck!
Scott
On Fri, Jun 24, 2011 at 10:04 AM, Karlsson
<boost.regex@xxxxxxxxx> wrote:
Encountered a new problem if apply the changes: about 5 minutes later, once my app send the refresh registration message without authentication, the server does not respond 200 OK, it respond 407, but my app still send the REGISTER without authentication even if received the 407 from server.
Any idea ?On Fri, Jun 24, 2011 at 11:19 AM, Karlsson
<boost.regex@xxxxxxxxx> wrote:
Thanks, now I got it works.
void
ClientAuthManager::addAuthentication(SipMessage& request)
{
if (request.header(h_CSeq).method() == REGISTER && request.header(h_CSeq).sequence() > 2)
{
return;
}
AttemptedAuthMap::iterator it = mAttemptedAuths.find(DialogSetId(request));
if (it != mAttemptedAuths.end())
{
it->second.addAuthentication(request);
}
}
On Fri, Jun 24, 2011 at 11:10 AM, Karlsson
<boost.regex@xxxxxxxxx> wrote:
I have tried modify the ClientAuthManager as below:
void
ClientAuthManager::addAuthentication(SipMessage& request)
{
AttemptedAuthMap::iterator it = mAttemptedAuths.find(DialogSetId(request));
if (it != mAttemptedAuths.end())
{
it->second.addAuthentication(request);
}
if (request.header(h_CSeq).method() == REGISTER && request.header(h_CSeq).sequence() > 2)
{
request.remove(h_ProxyAuthorizations);
request.remove(h_Authorizations);
}
}
With VS2009 debug as step by step, the remove method was executed, but in wireshark the all refresh registration messages still have the "Authorization" header even if CSEQ sequence is 5, 6, 7....
My case is when use my phone register to Nortel server, the Nortel is stop respond refresh registration about 5 minutes later.
If use other softpone this issue is not appears, I have compared the SIP message, the only difference is other softphones haven't attached the credential in refresh registration message.
ThanksOn Fri, Jun 24, 2011 at 1:58 AM, Scott Godin
<sgodin@xxxxxxxxxxxxxxx> wrote:
Ah yes - I moved the authentication header addition to an outbound decorator that will get run after all others. Something else you could try is to put explicit code in the ClientAuthManager to not decorate registration refereshes for authentication. It may be tricky to tell which messages are initial and which ones are refreshes though (you may be able to check the CSeq). This change would require changing the DUM core, unless you can get this custom behavior into an overridden ClientAuthManager.
What is your use case for this?
ScottOn Thu, Jun 23, 2011 at 1:45 PM, Karlsson
<boost.regex@xxxxxxxxx> wrote:
Thank you for your reply Scott, but I have tried MessageDecorator::decorateMessage() and DumFeature::process(), the SIP message has no "Authorization" header, seems this header is not added into SIP message before called these two functions.
Any idea ?On Thu, Mar 31, 2011 at 9:39 PM, Scott Godin
<sgodin@xxxxxxxxxxxxxxx> wrote:
There is no built-in way to disable this behaviour. If you want to remove the credentials without modifying resip code, then you could use an OutboundDecorator to remove the auth headers - you will need some logic to detect if a registration is a refresh or not.
--
--
--
--
--