On 09-08 20:16, Andres wrote:
SER
blocked the 401 because we had a failure route associated with that
route block. The purpose was to send calls to voicemail in case of some
failure/timeout. The 401 was treated as a failure so it was never
forwarded to UA1. I disabled the "t_on_failure", and now the 401 did
reach back to the UA1. The UA1 would then redo the INVITE with the
proper credentials for the SPA3000, but now SER would block and send
back a 407 since we have a proxy_authorize on INVITES, and the
credentials had already been modified. So now it is very clear that
this is not possible. What had me stumped was the t_on_failure deal
that was blocking the 401 response.
Modified ? It should add them. According to the specification it is
possible, if there are 2 digest challenges (distinguished by realm) in a
response then the user agent should generate two digest replies if it has
credentials for them and put them in the new message.
SER will pick one of the digest headers, SIPURA should pick the other
one and the message will get through.
Jan.