[SIPForum-discussion] Why *stale* is required?
vlauwers at drtech.fr
vlauwers at drtech.fr
Fri Jan 2 10:52:11 UTC 2009
Hello
See RFC 2617:
stale
A flag, indicating that the previous request from the client was
rejected because the nonce value was stale. If stale is TRUE
(case-insensitive), the client may wish to simply retry the request
with a new encrypted response, without reprompting the user for a
new username and password. The server should only set stale to TRUE
if it receives a request for which the nonce is invalid but with a
valid digest for that nonce (indicating that the client knows the
correct username/password). If stale is FALSE, or anything other
than TRUE, or the stale directive is not present, the username
and/or password are invalid, and new values must be obtained.
Regards,
> Hi,
>
> Is anybody aware about the usage of *Stale=True/ False* in the
> authentication header 401 Unauthorized?? Sample message is shown below:
>
>
>
> SIP/2.0 401 Unauthorized
> Via: SIP/2.0/UDP
> 10.70.183.2:5060;branch=z9hG4bKcdb534c57e244b82;received=10.70.183.2
> From: <sip:45461@<asterisk01>;user=phone>;tag=275866099
> To: <sip:45461@<asterisk01>;user=phone>;tag=as791f0352
> Call-ID: 3128633449 at 10.70.183.2
> CSeq: 282 REGISTER
> User-Agent: Asterisk PBX
> Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY
> Contact: <sip:45461@<asterisk01>>
> WWW-Authenticate: Digest realm="asterisk", nonce="2d931ee6", stale=true
> Content-Length: 0
>
>
>
>
>
> Best Regards,
>
> Vivek Batra
>
> _______________________________________________
> This is the SIP Forum discussion mailing list
> TO UNSUBSCRIBE, or edit your delivery options, please visit
> http://sipforum.org/mailman/listinfo/discussion
> Post to the list at discussion at sipforum.org
>
More information about the discussion
mailing list