Snom 4S Administrator's Manual page 53

[
S N O M
This challenging is used to protect destinations and authorize
registrations in the standard web interface settings. However, you can
also implement your own policy by overwriting the function challenge.
When a request arrives at the proxy, the proxy checks if the
request contains credentials from a recently generated question (nonce).
If that is the case the proxy will process the requests without further
authorization checking.
If this is not the case, it calls the function "challenge" and if that
function returns "true" it generates a new nonce and rejects the request
with the code 407 (Proxy Authorization Required). If the user agent has
the matching password, it will send another request which matches the
generated response and then the request will be processed.
Default Implementation
The default implementation differentiates between REGISTER
and other methods, just like the web interface does it.
For REGISTER requests, it asks for credentials only of general
authorization has been turned on or the user us known.
For other requests, it goes through the list of protected
destinations and checks if the pattern matches the request URI.
challenge() {
if ($method == "REGISTER") {
if ($force_authorization || known(parse_user($from))) {
return true;
}
}
else {
foreach($i, $auth_exception) {
if (match($i, $request_uri)) return true;
}
}
return false; #default
}
4 S P / R
R O X Y E G I S T R A R
M ]
A N U A L
snom technology AG • 53