Understanding Identity Assertion with the Identity and Identity-Info Headers

Converged Application Server can also perform identity assertion using the Identity and Identity-Info headers, as described in RFC 4474. As with the p-asserted-identity assertion mechanism, Identity header assertion requires that you first configure the appropriate security provider (the IdentityHeaderAsserter provider) in Converged Application Server.

When asserting the identity of inbound requests having the Identity and Identity-Info headers, Converged Application Server considers the values of the identity-assertion and identity-assertion-support elements in sip.xml as well as the presence of a configured security provider.

Figure 5-4 Managing Inbound Requests Having Identity and Identity-Info Headers