[Serusers] authorisation, voicemail

Klaus Darilion klaus.mailinglists at pernau.at
Tue Aug 10 02:11:41 CEST 2004



Greg Fausak wrote:

> On Aug 9, 2004, at 4:30 AM, Milivoje Mirovic wrote:
> 
>> Hello,
>>
>> I have 2 simple questions:
>>
>> 1. What is the difference between www_authorize and
>> proxy_authorize functions?
>>
> 
> When a request comes to the SER proxy that it
> feels compelled to authenticate (like an INVITE or REGISTER)
> the *_authorize function creates a challenge and
> bounce the request back to the requester.
> I always use proxy_authorize, but I have also used www_authorize
> in the past.  I believe you would use www_authorize if you were
> a UAC, and proxy_authorize if you are a UAS (User Agent Client|Server),
> but I do not know for sure.
> 

RFC3261 distinguishes between authentication in intermediate hops like 
proxies (=proxy_authorize) and authentication in the final hop (the user 
agent server, =www_authorize).

For REGISTER messages, the proxy is usually the final hop. Therefore, 
you have to use www_authorize.

For all other messages, the proxy acts as intermediate hop and therefore 
proxy_authorize is the way to go!

regards,
klaus




More information about the sr-users mailing list