Message Authentication for SIP Requests

The Oracle Communications Unified Session Manager authenticates requests by configuring the sip authentication profile configuration element. The name of this configuration element is either configured as a parameter in the sip registrar configuration element’s authentication profile parameter or in the sip interface configuration element’s sip-authentication-profile parameter. This means that the Oracle Communications Unified Session Manager can perform SIP digest authentication either globally, per domain of the Request URI or as received on a SIP interface.

After naming a sip authentication profile, the received methods that trigger digest authentication are configured in the methods parameter. You can also define which anonymous endpoints are subject to authentication based on the request method they send to the Oracle Communications Unified Session Manager by configuring in the anonymous-methods parameter. Consider the following three scenarios:

1. By configuring the methods parameter with REGISTER and leaving the anonymous-methods parameter blank, the Oracle Communications Unified Session Manager authenticates only REGISTER request messages, all other requests are unauthenticated.
2. By configuring the methods parameter with REGISTER and INVITE, and leaving the anonymous-methods parameter blank, the Oracle Communications Unified Session Manager authenticates all REGISTER and INVITE request messages from both registered and anonymous endpoints, all other requests are unauthenticated.
3. By configuring the methods parameter with REGISTER and configuring the anonymous-methods parameter with INVITE, the Oracle Communications Unified Session Manager authenticates REGISTER request messages from all endpoints, while INVITES are only authenticated from anonymous endpoints.