I believe an initial request may contain credentials using the most recently offered nonce on a prior call. Nonce is not tied to a single call or session. Of course, there is no guarantee that the credentials will be accepted. The server may accept the credentials if the nonce lifetime has not expired and local policy allows it. Or, the server may re-challenge with a new nonce. I would suspect that most servers currently do the latter. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dale Worley Sent: Thursday, July 14, 2005 9:16 AM To: [email protected] Subject: RE: [Sip-implementors] proxy servers multiple realm
> From: Peili Xu [mailto:[EMAIL PROTECTED] > > Since the final choice of the realm is decided by user. > Another possible way > is that user can config the associated realm in his terminal. > So that the initial Request can contain the realm information. In my experience, user agents do not add authorization headers in initial requests. I believe that this is because the proxy will not accept an authorization header that does not contain a current nonce, and the only way for a user agent to get a nonce is from a 407 response. So there is no benefit in sending an authorization header to a proxy that one has not recently communicated with, since one cannot include a current nonce. Dale _______________________________________________ Sip-implementors mailing list [email protected] http://lists.cs.columbia.edu/mailman/listinfo/sip-implementors _______________________________________________ Sip-implementors mailing list [email protected] http://lists.cs.columbia.edu/mailman/listinfo/sip-implementors
