[prev in list] [next in list] [prev in thread] [next in thread] 

List:       sip-implementors
Subject:    Re: [Sip-implementors] WWW-Authenticate and REGISTER
From:       "Dale R. Worley" <dworley () pingtel ! com>
Date:       2006-05-25 17:28:23
Message-ID: 1148578103.29060.17.camel () niagra ! pingtel ! com
[Download RAW message or body]

On Thu, 2006-05-25 at 11:54 +0100, Stephen Paterson wrote:
> Is there any means by which a registrar can inform the UAC that this
> behaviour is required? I guess it would be either as a parameter in the
> WWW-Authenticate header or possibly another header. If there is, is it
> mandatory?

The SIP model works thusly:  It is assumed that the UA has already been
configured with one or more sets of credentials.  Each set of
credentials has a realm, user, and password.  There is at most one set
of credentials with any particular realm.  When an authentication
challenge is presented, the challenge contains a realm, and the UA will
respond using the credentials for that realm.  (Of course, the see of
credentials could be different for each "line", each AOR which is to be
registered.)

Note that whether the user in the credentials matches the user in the
SIP URI is (implicitly) already known by the UA (once the realm is
specified).

What you seem to be asking about is a situation where the UA may change
its behavior (apparently including the user that will be used in the
authorization response) based on whether the server requires the
credential user to be the same as the AOR user.  But the UA doesn't have
any flexibility in that regard.  To allow that would require retooling
the model of authorization behavior, and that might require changing
other things.

Dale

--- 
interop.pingtel.com -- the public SIP phone interoperability test server


[prev in list] [next in list] [prev in thread] [next in thread]