________________________________________
From: [email protected]
[[email protected]] On Behalf Of Kutay OZDOGRU
[[email protected]]
In RFC 3261 www-authenticate header is exampled like follow:
WWW-Authenticate: Digest realm="atlanta.com",
domain="sip:boxesbybob.com", qop="auth",
nonce="f84f1cec41e6cbe5aea9c8e88d359",
opaque="", stale=FALSE, algorithm=MD5
Have you ever seen that "username" and "password" fields exist in
www-authenticate header, coming in 401?
_______________________________________________
I have not seen those. RFC 3261 does not define "username" and "password"
in WWW-Authenticate. But it does allow "extension" parameters, so a receiver of
the header should not fail if it sees "username" or "password" in
WWW-Authenticate.
Dale
_______________________________________________
Sip-implementors mailing list
[email protected]
https://lists.cs.columbia.edu/cucslists/listinfo/sip-implementors
