El Miércoles, 10 de Febrero de 2010, Couret Tabt escribió: > Dear folks, > > There is a description below about 407 in RFC3261: > > 21.4.8 407 Proxy Authentication Required > > This code is similar to 401 (Unauthorized), but indicates that the > client MUST first authenticate itself with the proxy. SIP access > authentication is explained in Sections 26 and 22.3. > > This status code can be used for applications where access to the > communication channel (for example, a telephony gateway) rather than > the callee requires authentication. > > Especially, what does the description below mean? > > ...but indicates that the > client MUST first authenticate itself with the proxy.
I would forget it. There is no way for a UAC to know if it has received a 401/407 from a proxy o from a server (UAS). 401/407 is just an inheritance from HTTP protocol, fully useless in SIP world. So I wouldn't care about it. If the UAC receives a 401 then the UAC must build credentinals in "Authorization" header. If it receives 407 then the UAC must build credentials in "Proxy-Authorization" header. Just it. It's a pain and useful, sure, but it's what we have. > I think below: > Even if a UA want to authenticate another UA, > it MUST NOT have the authentication using 407. UA cannot "desire" to authenticate against a UAS or a proxy, if the proxy or UAS the node which requires UAC to authenticate. > Additionally, even proxy MUST NOT use 407 mechanism > to authenticate the UA AT SECOND TIME(maybe > in the dialog). A proxy or a UAS could ask for authentication in *any* request (in-dialog or not). Regards. -- Iñaki Baz Castillo <[email protected]> _______________________________________________ Sip-implementors mailing list [email protected] https://lists.cs.columbia.edu/cucslists/listinfo/sip-implementors
