Internet Communications Using SIP : Delivering VoIP and Multimedia Services With Session Initiation Protocol {2Nd Ed.}

(Steven Felgate) #1

between the user agent requestor and the proxy or user agent requiring the
authentication. Any SIP request can be challenged for authentication.
The shared secret usually will be an encrypted username and password. A
typical authentication SIP message exchange between user agents has the form
INVITE/401 Authentication Required/ACKin which the user agent
discovers that the request requires authentication, and also learns the nature of
the authentication challenge from the 401 response. Then, a new INVITEcon-
taining an Authorizationheader is resent. If it contains the correct creden-
tials, the call will proceed as normal. Otherwise, another 401 response will be
received.
A proxy server can also request authentication using the 407 Proxy
Authentication Requiredresponse. However, there is no support for one
proxy to authenticate another proxy in SIP. Instead, a proxy can establish a
secure connection to another proxy using IPSec.


Figure 6.12 Presence publication


SIP User Agent


1 INVITE

Proxy Server SIP User Agent

5 100 Trying

8 401 Unauthorized
9 ACK
10 ACK

7 401 Unauthorized

6 INVITE

13 100 Trying

15 180 Ringing

17 200 OK

18 ACK
19 ACK

11 INVITE
12 INVITE

16 200 OK

2 407 Proxy Authentication Req.

14 180 Ringing

3 ACK

4 INVITE

Authenticated Media Session

SIP Overview 129
Free download pdf