Symbian
Symbian Developer Library

SYMBIAN OS V9.4

Feedback

[Index] [Previous] [Next]


How to handle authentication challenges

SIP provides an xSP (Extended Service Provider) feature which allows a SIP client to handle authentication problems for services such as registration and session establishment, on its own. By default, these problems are handled by the SIP server.

SIP provides the following components to support xSP:

These components are used when a SIP client chooses to handle authentication challenges on its own. They use CSIPAuthorizationHeader and CSIPProxyAuthorizationHeader objects to manipulate the registration or session initiation request headers when an authentication problem is reported. Then, they try to reregister a profile or reinitiate a session using the updated headers.

For a client to be able use xSP, it must inform the SIP server by disabling SIP's built-in security mechanism using the CSIP::SetSecurityHandlingL() function. If the client is not sure who is handling the authentication challenges, it can find out by using the CSIP::IsSecurityHandlingEnabled() function. This function returns ETrue if SIP's built-in security mechanism is used.

The following sequence diagram shows the call flow of handling authentication challenges while registering a SIP profile:

Call flow for handling 401 challenges us...


Call flow for handling 401 challenges using xSP profile agent plug-in

In the diagram above, the client chooses to handle authentication challenges related to profile registration on its own. All authentication errors are then forwarded to the xSP profile agent plug-in. When an error is reported to the plug-in, it runs a proprietary authentication procedure and tries to reregister the profile.

The following sequence diagram shows the call flow of handling authentication challenges while establishing a session:

Call flow for handling 401 challenges us...


Call flow for handling 401 challenges using xSP provider

In the diagram above, the client chooses to handle authentication challenges related to session initiation. All the authentication errors are then forwarded to the xSP provider. When an error is reported to the provider, it runs a proprietary authentication procedure and tries to reinitiate the session.

[Top]


See also

How to use the SIP Client API