[asterisk-dev] [Code Review] SIP authentication support

Olle E. Johansson oej at edvina.net
Mon Feb 11 16:09:27 CST 2013


11 feb 2013 kl. 22:08 skrev "Mark Michelson" <reviewboard at asterisk.org>:

> This means that Asterisk may send multiple WWW-Authenticate headers out in an authentication challenge and can cope with multiple Authorization headers in requests.
Hi!
A small clarification:

An endpoint that wants to authenticate a request should only send ONE www-authenticate in one response.

It can receive multiple proxy-authenticate and ONE www-authenticate in a response, and thus needs to send multiple proxyauth and one www auth in a request.

Now, if we have multiple auth methods as a server, like md5 and SHA256 I don't know what to do really... This needs to be investigated.

Cheers
/O
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-dev/attachments/20130211/1194703e/attachment.htm>


More information about the asterisk-dev mailing list