[SIPForum-discussion] Why *stale* is required?
kamlesh
kamlesh at worldphone.in
Fri Jan 2 10:33:32 UTC 2009
Hello,
This attribute is sent by a RADIUS server in order to notify the RADIUS
client whether it has accepted a nonce. If the nonce presented by the
RADIUS client was stale, the value is 'true' and is 'false'
otherwise. The server should remember nonce values that it has recently
generated. It may also remember when each nonce value was issued, expiring
them after a certain amount of time. If an expired value is used, the server
should respond with the "401" status code and add stale=TRUE to the
authentication header - indicating that the client should re-send with the
new nonce provided, without prompting the user for another user name and
password.
Thanks,
Kamlesh
From: discussion-bounces at sipforum.org
[mailto:discussion-bounces at sipforum.org] On Behalf Of Vivek Batra
Sent: 01 January 2009 12:01
To: discussion at sipforum.org
Subject: [SIPForum-discussion] Why *stale* is required?
Hi,
Is anybody aware about the usage of *Stale=True/ False* in the
authentication header 401 Unauthorized?? Sample message is shown below:
SIP/2.0 401 Unauthorized
Via: SIP/2.0/UDP
10.70.183.2:5060;branch=z9hG4bKcdb534c57e244b82;received=10.70.183.2
From: <sip:45461@<asterisk01>;user=phone>;tag=275866099
To: <sip:45461@<asterisk01>;user=phone>;tag=as791f0352
Call-ID: 3128633449 at 10.70.183.2
CSeq: 282 REGISTER
User-Agent: Asterisk PBX
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY
Contact: <sip:45461@<asterisk01>>
WWW-Authenticate: Digest realm="asterisk", nonce="2d931ee6", stale=true
Content-Length: 0
Best Regards,
Vivek Batra
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://sipforum.org/pipermail/discussion/attachments/20090102/9995d05a/attachment-0002.html>
More information about the discussion
mailing list