Comment #1 on issue 348 by abhatnagar192006: authentication of requests on sip presence server http://code.google.com/p/mobicents/issues/detail?id=348
For ims, the trust domain concept can be used for request authorization/authentication, based on the inspection of the P-Asserted-Identity header. We can configure trust domains over JMX. If the SUBSCRIBE/PUBLISH is received from a node outside the trust domain, then we will authenticate it using SIP Digest. Otherwise, the actual authentication (in case of IMS), is taken care of by the CSCFs prior to any request reaching the Presence Server (IMS AS), if the PS is installed within a trust domain (intra-operator nodes). References: 1. http://www.ietf.org/rfc/rfc3324.txt 2. http://www.packetizer.com/rfc/rfc3325 3. TS 24.229: SIP Digest without TLS scheme. Ping me if i can be of any help in moving forward on this.. aayush -- You received this message because you are listed in the owner or CC fields of this issue, or because you starred this issue. You may adjust your issue notification preferences at: http://code.google.com/hosting/settings
