[SIPForum-discussion] How to validate authentication using HTTP digest authentication

• Previous message: [SIPForum-discussion] SIP refresh register
• Next message: [SIPForum-discussion] SIP signalling during voice mail in IMS domain
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Dear Kamrul,

Please follow this link :   
http://en.wikipedia.org/wiki/Digest_access_authentication

Small explanation below :

Dialer registers user user3 with password 3.
After sending REGISTER we get following 407 proxy auth :

Proxy-Authenticate: DIGEST realm="SoftSwitch",  
nonce="06e5087c107ba90e09210900901581001501"

Then its needed to calculate 3 values HA1 HA2 and response :
1. HA1=MD5(A1)=MD5(username:realm:password) = MD5(user3:SoftSwitch:3) =  
796fbd6779a25e223ec08293d1f6e2b2
2. HA2=MD5(A2)=MD5(method:digestURI) = MD5(REGISTER:sip:37.38.157.28:5060)  
=  9f7b2230b13f7b5fe6a122d6cbc2e2e8
3. response=MD5(HA1:nonce:HA2) = MD5(796fbd6779a25e223ec08293d1f6e2b2:  
06e5087c107ba90e09210900901581001501:9f7b2230b13f7b5fe6a122d6cbc2e2e8) =   
f6ac6de2278f90c3438b0476c0f5dd36

The dialer response also was follwoing :

Proxy-Authorization: Digest username="user3", realm="SoftSwitch",  
nonce="06e5087c107ba90e09210900901581001501", uri="sip:37.38.157.28:5060",  
response="f6ac6de2278f90c3438b0476c0f5dd36 "

Server needs to get the username given by dialer, password from DB and  
recalculate response on his side if it match then user is authorized.

Best regards,
Tom





W dniu .08.2014 o 20:01 Kamrul Khan <dodul at live.com> pisze:

> Hi,
>
> I am testing my sip dialer usingHTTP digest authentication in the server  
> side. Now, the response my dialer is sending is,
>
> Digest username="bob", realm="192.168.146.133", nonce="5e954418",  
> uri="sip:192.168.146.133", >response="ec221690633f2ae691669c4083832fd8",  
> algorithm=MD5
>
> However, the original password that I set was 1234 and the md5 value of  
> 1234 is 81dc9bdb52d04dc20036dbd8313ed055 >(according to  
> http://www.miraclesalad.com/webtools/md5.php) Now how do I match the  
> password? Someone please help.
>
> BR//Kamrul



-- 
Używam klienta poczty Opera Mail: http://www.opera.com/mail/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://sipforum.org/pipermail/discussion/attachments/20140905/0f81aafb/attachment-0002.html>

• Previous message: [SIPForum-discussion] SIP refresh register
• Next message: [SIPForum-discussion] SIP signalling during voice mail in IMS domain
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]