01: /**
02: * ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
03: * Unpublished - rights reserved under the Copyright Laws of the United States.
04: * Copyright © 2003 Sun Microsystems, Inc. All rights reserved.
05: * Copyright © 2005 BEA Systems, Inc. All rights reserved.
06: *
07: * Use is subject to license terms.
08: *
09: * This distribution may include materials developed by third parties.
10: *
11: * ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
12: *
13: * Module Name : JSIP Specification
14: * File Name : ProxyAuthenticateHeader.java
15: * Author : Phelim O'Doherty
16: *
17: * HISTORY
18: * Version Date Author Comments
19: * 1.1 08/10/2002 Phelim O'Doherty
20: *~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
21: */package javax.sip.header;
22:
23: /**
24: * A Proxy-Authenticate header field value contains an authentication
25: * challenge. When a UAC sends a request to a proxy server, the proxy server
26: * MAY authenticate the originator before the request is processed. If no
27: * credentials (in the Proxy-Authorization header field) are provided in the
28: * request, the proxy can challenge the originator to provide credentials by
29: * rejecting the request with a 407 (Proxy Authentication Required) status
30: * code. The proxy MUST populate the 407 (Proxy Authentication Required)
31: * message with a Proxy-Authenticate header field value applicable to the
32: * proxy for the requested resource. The field value consists of a challenge
33: * that indicates the authentication and parameters applicable to the proxy
34: * for this RequestURI.
35: * <p>
36: * Note - Unlike its usage within HTTP, the ProxyAuthenticateHeader must be
37: * passed upstream in the Response to the UAC. In SIP, only UAC's can
38: * authenticate themselves to proxies.
39: * <p>
40: * Proxies MUST NOT add values to the Proxy-Authorization header field. All
41: * 407 (Proxy Authentication Required) responses MUST be forwarded upstream
42: * toward the UAC following the procedures for any other response. It is the
43: * UAC's responsibility to add the Proxy-Authorization header field value
44: * containing credentials for the realm of the proxy that has asked for
45: * authentication.
46: * <p>
47: * When the originating UAC receives the 407 (Proxy Authentication Required)
48: * it SHOULD, if it is able, re-originate the request with the proper
49: * credentials. It should follow the same procedures for the display of the
50: * "realm" parameter that are given above for responding to 401. If no
51: * credentials for a realm can be located, UACs MAY attempt to retry the
52: * request with a username of "anonymous" and no password (a password of "").
53: * The UAC SHOULD also cache the credentials used in the re-originated request.
54: * <p>
55: * For Example:<br>
56: * <code>Proxy-Authenticate: Digest realm="jcp.org",
57: * domain="sip:ss1.duke.com", qop="auth",
58: * nonce="f84f1cec41e6cbe5aea9c8e88d359", opaque="", stale=FALSE,
59: * algorithm=MD5</code>
60: *
61: * @see Parameters
62: * @see ProxyAuthorizationHeader
63: * @author BEA Systems, NIST
64: * @version 1.2
65: */
66: public interface ProxyAuthenticateHeader extends WWWAuthenticateHeader {
67:
68: /**
69: * Name of ProxyAuthenticateHeader
70: */
71: public final static String NAME = "Proxy-Authenticate";
72:
73: }
|