1. User's Guide
  2. Registrar and Authentication

3 Registrar and Authentication

By providing a location service from within it, the Oracle Enterprise Communications Broker (OECB) offloads related infrastructure from providing that information for every session. The OECB can use SIP digest authentication to confirm service authorization and verify user registrations by way of internal or external mechanisms. If using an external mechanism for this purpose, some adaptation of that mechanism is required. You enable the registrar, configure the applicable domains (including serviced and digest domains) and, if required, define the authentication to use for all registrations by way of configuration on the GUI.

You enable the OECB single registry service globally. When registration functionality is enabled, the OECB registers endpoints rather than only caching and forwarding registrations to another device.

On receiving a REGISTER message, the OECB checks if it is responsible for the domain contained in the Request-URI, as configured in the domains list. The OECB begins registrar functions for all requests that match a configured domain.

When there is no authentication configured, the system adds every user that attempts to register to the registration cache. When you configure authentication, the system can authorize and verify the caller by way of the LST or an external LDAP resource. In these use cases, the system uses SIP digest to authenticate the caller, based on authentication information from the LST or LDAP. The following diagram and steps explain a call flow with authentication and interaction with LDAP resources, especially Active Directory.
  1. A UA is fully registered after the system installs it in the registration cache.
  2. The OECB sends a 200 OK message back to the registering UA.
  3. When a user registers with the registrar, the system looks for the To header AoR in the LST. If the LST contains a subscriber with the AoR (or username if no AoR specified) that matches, the system adds the universal number of the subscriber as an alias to the registration cache.
The preceding text and steps describe this diagram.