HP-UX C SIP Stack Programmer's Guide (Novembery 2007)
Authentication 199
Server Authentication Implementation
If the user was not found in the database, the
application may call the
RvSipXXXAuthProceed(SKIP_HEADER) function
in order to continue with the loop, finding the next
Authorization header (back to step 3).
If the SIP Stack does not support the credentials, the
application can try to verify the credentials by itself.
By calling the RvSipXXXAuthProceed(SUCCESS)
function, the application indicates that the credentials
were verified by it. The SIP Stack will stop the loop,
and RvSipXXXAuthCompletedEv() event will be
called, with Success indication. (If it was not verified,
the application may use the SKIP_HEADER option).
If the application wishes to stop the authentication
process, it can call the
RvSipXXXAuthProceed(Failure) function. This will
stop the loop and RvSipXXXAuthCompletedEv()
event will be called, with Failure indication.
6. Calling the RvSipXXXAuthProceed (USE_PW) function will
instruct the SIP Stack to verify the authenticity of the
originator, using the given password.
If authentication succeeds, the server authentication
procedure is completed. The SIP Stack will call the
RvSipXXXAuthCompletedEv() callback with
Success indication.
If authentication fails, the SIP Stack will continue the
loop, searching for the next Authorization header
(back to step 3).
7. If there are no more Authorization headers,
RvSipXXXAuthCompletedEv will be called, with Failure
indication
8. When the RvSipCallLegAuthCompletedEv is called, the
application should decide how to respond to the request. If the
completed status is failure, the application should respond with
RvSipXXXRespondUnauthenticated. If the completed status is
success, the application should respond as usual, according to
the request type, and object state.
Figure 10-1 describes the server authentication process flow: