1. Configuration Guide
  2. SIP Signaling Services
  3. Surrogate Agents and the Oracle Communications Session Border Controller
  4. Surrogate Agent Authentication Across Realms
  5. Configure Authentication Attributes on a Realm

Configure Authentication Attributes on a Realm

In the Oracle Communications Session Border Controller ACLI, you can access the Digest Authentication object at the path media-manager, realm-config, auth-attribute. If enabled, this feature uses the attributes and values listed in this table. You perform this configuration to the realm-config on which the softswitch resides.

Note:

If enabling Digest Authentication, all attributes listed below are required except for the in-dialog-methods attribute, which is optional.

To configure digest authentication on the Oracle Communications Session Border Controller:

  1. In Superuser mode, type configure terminal and press Enter. 
    ORACLE# configure terminal
  2. Type media-manager and press Enter to access the media manager-related objects. 
    ORACLE(configure)# media-manager
ORACLE(session-router)#
  3. Type realm-config and press Enter. 
    ORACLE(media-manager)# realm-config
ORACLE(realm-config)#
  4. Create or select the realm-config on which the softswitch resides.
  5. Type auth-attributes and press Enter to access the digest authentication-related attributes. 
    ORACLE(realm-config)# auth-attributes
ORACLE(auth-attributes)#
  6. auth-realm — Enter the identifier of this realm, which initiates the authentication challenge. This value defines the protected space in which the digest authentication is performed. Valid value is an alpha-numeric character string. Default is blank. 
    ORACLE(auth-attribute)# auth-realm realm01
  7. username — Enter the username of the client. Valid value is an alpha-numeric character string. Default is blank. 
    ORACLE(auth-attribute)# username user
  8. auth-user-lookup — Enter a name for this auth-user-lookup. You use this same name when configuring the auth-user-lookup within the attributes of the local-policy you use for this surrogate agent. Default is blank. 
    ORACLE(auth-attribute)# auth-user-lookup user
  9. password — Enter the password associated with the username of the client. This is required for all LOGIN attempts. Password displays while typing but is saved in clear-text (i.e., *****). Valid value is an alpha-numeric character string. Default is blank. 
    ORACLE(auth-attribute)# password *******
  10. in-dialog-methods — Enter the in-dialog request method(s) that digest authentication uses from the cached credentials. Specify request methods in a list form separated by a space enclosed in parentheses. Valid values are:
    • INVITE
    • BYE
    • ACK
    • CANCEL
    • OPTIONS
    • SUBSCRIBE
    • PRACK
    • NOTIFY
    • UPDATE
    • REFER
    ORACLE(auth-attribute)# in-dialog-methods (ack invite subscribe)

    If you do not specify any in-dialog-method value(s), digest authentication does not add challenge-responses to in-dialog requests within a dialog. This attribute setting applies to in-dialog requests only.

    Note:

    The methods not in this list are still resubmitted if a 401/407 response is received by the Oracle Communications Session Border Controller.
  11. Type done to save changes to this realm-config.
  12. Save and activate your configuration.
Configure the applicable local-policy. This configuration includes setting the auth-user-lookup parameter in the applicable local-policy-attribute with the same value as the auth-user-lookup above.