[Serusers] SER and the SPA3000
Andres
andres at telesip.net
Fri Aug 13 05:33:04 CEST 2004
Jan Janak wrote:
>On 09-08 20:16, Andres wrote:
>
>
>>SER blocked the 401 because we had a failure route associated with that
>>route block. The purpose was to send calls to voicemail in case of some
>>failure/timeout. The 401 was treated as a failure so it was never
>>forwarded to UA1. I disabled the "t_on_failure", and now the 401 did
>>reach back to the UA1. The UA1 would then redo the INVITE with the
>>proper credentials for the SPA3000, but now SER would block and send
>>back a 407 since we have a proxy_authorize on INVITES, and the
>>credentials had already been modified. So now it is very clear that
>>this is not possible. What had me stumped was the t_on_failure deal
>>that was blocking the 401 response.
>>
>>
>
> Modified ? It should add them. According to the specification it is
> possible, if there are 2 digest challenges (distinguished by realm) in a
> response then the user agent should generate two digest replies if it has
> credentials for them and put them in the new message.
>
>
> SER will pick one of the digest headers, SIPURA should pick the other
> one and the message will get through.
>
>
It should but it doesn't. Once it gets challenged by the 401 it forgets
all about the previous challenge with the 407. In other words the new
INVITE only has the digest reply to the new 401.
> Jan.
>
>
>
More information about the sr-users
mailing list