Greger V. Teigre wrote:
BTW, makes me recall another thing we have seen: Some UAs actually do two auths against the DB every time a registration arrives. Once for the first INVITE (which receives an "auth required") and then another time with a new nonce. I think it has something to do with the UA including the old credentials in the first INVITE even though the nonce has expired and an auth must be done to verify that the credentials are incorrect. Have you seen this behavior? g-)
Yes, I've seen this once but can't remember which client it was. IMO it is a good idea to include the credentials (from the last nonce) in all requests. If the nonce is still valid, this avoids the second request with the credentials. On the other hand, it increases traffic on the authentication servers. Don't know whats better :-)
regards, klaus