Technical Manual
U-SYS MRS6100 Media Resource Server
Chapter 5 MGCP and SIP
Huawei Technologies Proprietary
5-48
Accept-Language: en
z Authorization
The Authorization field contains authentication credentials of a UA.
The following introduces a general process for UA to request an authorization from
the server.
If the server requires authorizing the user when UA originates a request, a nonce is
generated at the local end for this authorization and all parameters necessary for the
authorization request field are returned to UA to initiate a user authorization process.
Upon receipt of the authorization request, UA generates an encrypted response using
a particular algorithm according to the information returned from the server and the
user configurations. UA sends the response through a new request message to the
server.
Upon the receipt of a new request with the authorization response, the server firstly
checks the correctness of the nonce. If the nonce is not generated locally, the server
returns a failure message. If the nonce is generated locally but the authorization
expires, the server regenerates a nonce and reinitiates a user authorization
procedure. The earlier nonce is returned with the cnonce parameter.
If the nonce passes the verification, the server generates a response with the same
algorithm as UA according to the nonce, URI, username and password (the server
can obtain the password of the user from the local user information). In addition, the
server compares the generated response with the response carried in the request
message. If they are identical, the user successfully passes the authorization.
Otherwise, the authorization fails.
The Authorization field has a generic format:
Authorization: method username, realm, nonce, response, URI, cnonce, algorithm
The authorization methods include digest, basic, chap-password, and carddigest.
Digest is an HTTP-digest method.
Username indicates the authenticated user.
Realm is used to identify the domain from which the authorization procedure is
initiated.
Nonce is an encryption factor that is generated by the entity initiating the
authorization procedure.
Response is a string of characters that UA generates, by using a particular algorithm,
according to the nonce, username, password, and URI from the server upon receipt of
the authorization request. The string contains the encrypted password of the user.
(During the authorization procedure, UA and the server exchange other information,
except password, in plain text in SIP messages.)
URI refers to the request-URI of the originated call request message. UA is required to
re-originate a request with the authorization response information to the server after
To Next Page
Loading...
