Greg Fausak wrote:
On Aug 9, 2004, at 4:30 AM, Milivoje Mirovic wrote:
Hello,
I have 2 simple questions:
- What is the difference between www_authorize and
proxy_authorize functions?
When a request comes to the SER proxy that it feels compelled to authenticate (like an INVITE or REGISTER) the *_authorize function creates a challenge and bounce the request back to the requester. I always use proxy_authorize, but I have also used www_authorize in the past. I believe you would use www_authorize if you were a UAC, and proxy_authorize if you are a UAS (User Agent Client|Server), but I do not know for sure.
RFC3261 distinguishes between authentication in intermediate hops like proxies (=proxy_authorize) and authentication in the final hop (the user agent server, =www_authorize).
For REGISTER messages, the proxy is usually the final hop. Therefore, you have to use www_authorize.
For all other messages, the proxy acts as intermediate hop and therefore proxy_authorize is the way to go!
regards, klaus