[Asterisk-Dev] Why Proxy-Authenticate instead of WWW-Authenticate
devans at invores.com
Thu Jun 9 06:19:35 MST 2005
* doesn't always use Proxy-Authenticate. Trace a REGISTER request to
Nufone (User-Agent: Asterisk PBX) and it responds with a 401
Unauthorized and a WWW-Authenticate: header, and my * in turn sends
Authorization: VoicePulse (also User-Agent: Asterisk PBX) responds with
407 Proxy Authentication Required and a Proxy-Authenticate: header, and
my * responds in kind with Proxy-Authorization:.
Seems like it's already configurable.
Olle E. Johansson wrote:
> Steven wrote:
>>On Thu, 2005-06-09 at 07:37 +0200, Olle E. Johansson wrote:
>>>Mikael Magnusson wrote:
>>>>It's often mentioned on the list that Asterisk is an user SIP agent and not a
>>>>proxy. But why is then Proxy-Authenticate (and 407 Proxy
>>>>Authentication Required) used instead of WWW-Authenticate
>>>>(and 401 Unauthorized) in chan_sip. According to section 22.1 Framework
>>>>in RFC 3261:
>>>> In SIP, a UAS uses the 401 (Unauthorized) response to challenge the
>>>> identity of a UAC.
>>>I fully agree, but all patches to fix this has been refused because of
>>>fear we might break something. This makes it hard to use Asterisk
>>>together with an outbound proxy that authenticates.
>>Has it been tried with a config option to turn it on or off?
> Well, no one has proved any problems with fixing it according to
> standard. I don't like having default behaviour being non-standard.
> (And yes, I don't like the "pedantic" option.. Default behaviour being
> non-standard? Tsss).
> We could have an option for backwards compatibility, yes, to turn on if
> people really need to break the RFCs.
> Asterisk-Dev mailing list
> Asterisk-Dev at lists.digium.com
> To UNSUBSCRIBE or update options visit:
More information about the asterisk-dev