10 Aug
2004
10 Aug
'04
9:09 a.m.
On 10-08 02:11, Klaus Darilion wrote:
SIP allows multiple credentials in one request. These credentials differ in the realm string. So using the same realm for 2 hops does not work as long as the hops are not synchronized in producing the nonce. Maybe it can work if the proxy uses proxy-authentication and the SIPURA uses www_authentication.
No, the trick with proxy-authentication and www-authentication will not work. You have to either syncronize the nonce validation or use distinct realms.
The question is how widely are multiple credentials within a single SIP message supported in existing implementations. I saw many implementations that give up after second 401 or 407 even if there is a new challenge in the reply.
Jan.