[SIPForum-discussion] Query about 407 proxy authentication Required in SIP response

John Downing john at trainingcity.com
Mon Sep 8 17:53:30 UTC 2014 

The 407 response is correct when you are attempting to pass your SIP
message through a proxy server.  In the case of REGISTER you send the SIP
method to the proxy which then passes it to the registrar.  As a practical
matter these two separate servers generally exist "inside" the same
device/software application, namely the "SIP server".

the 401 response is generated by a SIP end device such as a SIP Phone, not
by a SIP Proxy Server.  Technically it is the UAS component of the SIP
phone that responds with the 401.  As a general matter, many SIP
deployments are architected to implement 407 Proxy Authorization for all
REGISTER and most/all INVITE methods.  The SIP 401 response is much less
common as many SIP end points (SIP Phones) will only accept incoming SIP
Methods from the Proxy Server.

The other SIP methods such as CANCEL, BYE, ACK, etc. usually are configured
to pass through the Proxy Server without Authorization, however there are
plenty of exceptions to this, and it is acceptable for you to require a 407
response to every SIP method arriving from any UAC.



Thanks... John

John Downing
John at TrainingCity.com
613-883-1235
800-381-5654
Linkedin: www.linkedin.com/in/downing99

On Mon, Sep 8, 2014 at 2:08 AM, Durgesh kumar singh <durgeshk1990 at gmail.com>
wrote:

> Hello,
>
>
> I have been reading about SIP register flow and most of the place i found
> that whenever any SIP client try to Register then server response with 401
> unauthorized and then http-digest authentication field added in our next
> Register message headers by which our client get register successfully.
>
> In our project when our SIP client try to register then it first passes
> with a *proxy server* then to *IntraSwitch SIP server.*
>
> In our case Registration flow is look like this.
>
>
> SIP Client                                         SIP Server
>
>     REGISTER with no authentication
> A --------------------------------------------->
>
>     407 Proxy Authentication required
> A <--------------------------------------------
>
>      REGISTER with Authentication
> A --------------------------------------------->
>
>                200 OK 1 binding
> A <--------------------------------------------
>
> So here my question is that is *407 proxy Authentication required *SIP
> response is correct response for SIP registration or it should be *401
> Unauthorized ?*
>
> Please clear my concept.
>
> Regards,
> Durgesh Kumar Singh
>
>
> _______________________________________________
> This is the SIP Forum discussion mailing list
> TO UNSUBSCRIBE, or edit your delivery options, please visit
> http://sipforum.org/mailman/listinfo/discussion
> Post to the list at discussion at sipforum.org
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://sipforum.org/pipermail/discussion/attachments/20140908/18a93ccc/attachment-0002.html>

More information about the discussion mailing list