Patton electronic SmartNode 4110 Series IP Phone User Manual


 
Applications 568
SmartWare Software Configuration Guide 46 • Context SIP gateway overview
authenticate 1 authentication-service AUTH_PATTON username boss
If the gateway receives an incoming request without credentials, the following procedure takes place:
1. Determine the location-service which challenges credentials. The domain of the location service must
match the host part of the request-uri and the location-service is bound to the context sip-gateway which
handles the request.
2. Determine the identity which challenges credentials. The name or the alias of the identity must match the
user part of the request-uri. If there is no identity that matches and an identity-group with the name
“default” is configured, the identity-group “default” is taken.
3. Determine the authentication-service which challenges credentials. The first authentication entry of the
taken identity or identity-group where a realm is configured is taken.
4. The first realm in the authentication-service is used for challenging the request. If no realm was found no
challenging is possible.
If one of these steps has no result and fails, challenging is not possible for that request and the request is
accepted.
If the gateway receives an incoming request with credentials, the following procedure takes place:
1. Determine the location-service which challenges credentials. The domain of the location service must
match the host part of the request-uri and the location-service is bound to the context sip-gateway which
handles the request.
2. Determine the identity which challenges credentials. The name or the alias of the identity must match the
user part of the request-uri. If there is no identity that matches and an identity-group with the name
“default” is configured, the identity-group “default” is taken.
3. Check credentials. All authentication entries of the taken identity or identity-group are compared with the
provided credentials. If one matches the request is accepted.
4. An authentication entry matches if the username and password matches with the configured credentials
and one realm in the authentication-service match exactly the realm challenged or the authentication-ser-
vice has no realm configured.
If one of these steps has no result and fails, the request is treated as a request without credentials.
Outbound Registration
The back-to-back user agent can register identities on a sip registrar. Therefore, a registration outbound face
with the register “auto” command is needed. The address of record is built with the domain of the location-ser-
vice and the name of the identity. The REGISTER request is sent to the configured registrar or, if missing, to
the domain configured in the location-service.
If the registration is successful, the registrar forwards requests that are destined to the address of record to the
back-to-back user agent.