Greg Fausak wrote:
On Aug 9, 2004, at 4:30 AM, Milivoje Mirovic wrote:
Hello,
I have 2 simple questions:
1. What is the difference between www_authorize and
proxy_authorize functions?
When a request comes to the SER proxy that it
feels compelled to authenticate (like an INVITE or REGISTER)
the *_authorize function creates a challenge and
bounce the request back to the requester.
I always use proxy_authorize, but I have also used www_authorize
in the past. I believe you would use www_authorize if you were
a UAC, and proxy_authorize if you are a UAS (User Agent Client|Server),
but I do not know for sure.
RFC3261 distinguishes between authentication in intermediate hops like
proxies (=proxy_authorize) and authentication in the final hop (the user
agent server, =www_authorize).
For REGISTER messages, the proxy is usually the final hop. Therefore,
you have to use www_authorize.
For all other messages, the proxy acts as intermediate hop and therefore
proxy_authorize is the way to go!
regards,
klaus