[reSIProcate] Authentication challenge issue
Daniel Pocock
daniel at readytechnology.co.uk
Thu Feb 15 06:34:07 CST 2007
Niraj Roy wrote:
> Hi,
> One issue with Authentication.
> I have created a profile for user Bob with the domain name
> 'biloxy.com'.
> Bob is trying to place a call to hirel at cisco.com.
> Hence 'Request Uri' and 'To' header will contain 'hirel at cisco.com'
> And From header will contain 'Bob at biloxy.com'.
> In the current implementation while challenging ServerAuthManager
> use Request Line for supplying realm. Hence 407 Challenge responses contain
> 'cisco.com' in the required realm.
> Bob resends INVITE request 'cisco.com' in it's realm.
> But his profile domain is set to 'biloxy.com' hence
> ServerAuthManager sends 404 Error response.
>
> I think ServerAuthManager should take realm from the 'From' header
> instead of Request Line..
>
> Any guess...?
>
You can write your own sub-class of ServerAuthManager, call it
MyServerAuthManager for instance.
These virtual methods need to be implemented with your own logic:
virtual bool authorizedForThisIdentity(const resip::Data &user,
const resip::Data &realm,
resip::Uri &fromUri);
virtual const Data& getChallengeRealm(const SipMessage& msg);
virtual bool isMyRealm(const Data& realm);
>
> Niraj
>
> _______________________________________________
> resiprocate-devel mailing list
> resiprocate-devel at list.resiprocate.org
> https://list.resiprocate.org/mailman/listinfo/resiprocate-devel
>
More information about the resiprocate-devel
mailing list