AudioCodes Mediant 4000 SBC User Manual page 550
Session border controllers
Hide thumbs
Also See for Mediant 4000 SBC:
- User manual (964 pages) ,
- Hardware installation manual (40 pages) ,
- User manual (930 pages)
Table of Contents
Advertisement
CHAPTER 22 SBC Overview
Content-Length:...
Authorization: Basic
dGVzdEludHJvc3BlY3Q6NTliZDA4NGUtMTJlNi00N2I5LWJmNz
token=<Access Token from Bearer in SIP Authorization header>
4.
The OAuth Authorization server checks (introspects) if the token is currently active (or if it has
expired or revoked). Upon a successful introspection, the OAuth Authorization server sends to
the device a 200 OK response containing a JSON body ("application/ json").
5.
The device checks the following attributes in the received JSON body:
●
"active": A "true" value indicates a valid token and the device allows the user access to its
resources and continues with the regular handling and processing of the SIP request (e.g.,
registers user or processes the call). A "false" value indicates an invalid token and the
device responds to the SIP request with a 401 (Unauthorized) response containing the
header 'WWW-Authenticate: Bearer error="invalid-token"', indicating authentication
failure.
●
"username": (Optional attribute) When it exists, the device compares it to the AOR of the
SIP message. For REGISTER requests, the AOR is taken from the To header; for all other
requests, the AOR is taken from the From header. If the username includes a "@"
character, the entire AOR is compared; otherwise, only the user-part of the AOR is
compared. If comparison fails, the device responds to the SIP request with a 401
(Unauthorized) response containing the header 'WWW-Authenticate: Bearer
error="invalid_request"', indicating authentication failure.
Figure 22-1: General Stages of OAuth-based Authentication
The main configuration required for OAuth-based authentication, includes the following:
■
Configuring a Remote Web Service to represent the OAuth Authentication server
■
Configuring the source IP Group (client) to authenticate by an OAuth Authorization server
The following provides a step-by-step example of configuring OAuth authentication.
➢
To configure OAuth-based authentication:
1.
Open the Remote Web Services table (see
and then configure a Remote Web Service to represent the OAuth Authentication server:
Parameter
'Name'
'Type'
Configuring Remote Web Services
Value
"OAUth-Server"
General
- 517 -
Mediant 4000 SBC | User's Manual
on page 247),
Comment
Any descriptive name.
-
Advertisement
Table of Contents
Troubleshooting
