HP-UX C SIP Stack Programmer's Guide (November 2007)

Introduction
1. A server responds to the originator of an incoming request with
a 401 Unauthorized response. A Proxy server responds with a
407 Proxy Authentication Required response.
These responses each include a special Authentication header
with information required by the UAS in the authentication
process. The information included in the Authentication header
is called “challenge”.
2. The UAC uses the Authentication header parameters along
with the user name and password to generate a hash value
using the MD5 algorithm.
3. The hash value and other parameters are inserted into a special
Authorization header.
4. The client re-sends the request with the Authorization header.
The information included in the Authorization header is called
“credentials”.
5. The server uses the credentials to verify the authenticity of the
originator of the request.
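
The five steps above as an added Python example, not code from the guide or from the SIP Stack API. It assumes the Digest calculation of RFC 2617 that SIP uses, since the guide names only MD5 and not the formula; the realm, nonce, user, password and URI are constructed sample values.

```python
import hashlib
import hmac
import re

def md5_hex(text):
    return hashlib.md5(text.encode("utf-8")).hexdigest()

def parse_params(header_value):
    """Split 'Digest k="v", k2=v2' into a dict with lower-case keys."""
    scheme, _, rest = header_value.partition(" ")
    if scheme.lower() != "digest":
        raise ValueError("not a Digest header")
    pairs = re.findall(r'(\w+)\s*=\s*(?:"([^"]*)"|([^,\s]+))', rest)
    return {key.lower(): quoted or token for key, quoted, token in pairs}

def digest_response(username, password, method, uri, p):
    """Step 2: hash the challenge parameters with the user name and password."""
    ha1 = md5_hex(f"{username}:{p['realm']}:{password}")
    ha2 = md5_hex(f"{method}:{uri}")
    if p.get("qop") == "auth":
        return md5_hex(f"{ha1}:{p['nonce']}:{p['nc']}:{p['cnonce']}:auth:{ha2}")
    return md5_hex(f"{ha1}:{p['nonce']}:{ha2}")

def build_authorization(challenge, username, password, method, uri, cnonce):
    """Steps 3-4: turn a 401/407 challenge into the credentials header value."""
    ch = parse_params(challenge)
    cred = {"username": username, "realm": ch["realm"], "nonce": ch["nonce"], "uri": uri}
    if "auth" in ch.get("qop", "").split(","):
        cred.update(qop="auth", nc="00000001", cnonce=cnonce)
    cred["response"] = digest_response(username, password, method, uri, cred)
    return "Digest " + ", ".join(
        f"{k}={v}" if k in ("qop", "nc") else f'{k}="{v}"' for k, v in cred.items())

def verify_authorization(authorization, method, realm, passwords, issued_nonces):
    """Step 5: recompute the hash on the server and compare in constant time."""
    try:
        c = parse_params(authorization)
        if c["realm"] != realm or c["nonce"] not in issued_nonces:
            return False  # credentials do not answer a challenge this server issued
        expected = digest_response(c["username"], passwords[c["username"]], method, c["uri"], c)
        return hmac.compare_digest(expected.encode(), c["response"].encode())
    except (KeyError, ValueError):
        return False  # malformed header or unknown user

def demo():
    # Constructed sample values, not from the guide.
    users, uri, nonce = {"alice": "constructed-password"}, "sip:bob@example.com", "nonce-0001"
    challenge = f'Digest realm="example.com", nonce="{nonce}", qop="auth"'
    auth = build_authorization(challenge, "alice", users["alice"], "INVITE", uri, "cnonce-1")
    return auth, verify_authorization(auth, "INVITE", "example.com", users, {nonce})
```

A deployed server would normally store the first hash (user name, realm, password) rather than the password itself, and expire each nonce after use or after a short lifetime.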
AUTHENTICATOR OBJECT
The authenticator is responsible for applying the authentication mechanism by
building the Authorization header on the client side, and by verifying the
incoming Authorization header on the server side.
Call-legs, register-clients and subscriptions use the authenticator in order to
authenticate outgoing requests. For example, a call-leg that sends an INVITE
request and receives a 407 response assumes the UNAUTHENTICATED state.
Your application can then call the RvSipCallLegAuthenticate() function which
uses the authenticator and issues an INVITE with the Authorization header.
Call-leg, subscription and server transactions use the authenticator to
authenticate incoming requests. When the object state indicates that a request
was received, your application can trigger the authenticator to verify the
authenticity of the originator.