我目前正在用纯java开发一个SIP客户端,使用JAIN SIP API来注册、认证并向运行在另一台机器上的Asterisk服务器发送消息。
我通过两个步骤来处理注册和认证过程:1. 发出注册SIP请求2. 如果响应是401(它是)从Asterisk中检索www - AuthenticationHeader,并使用该参数为我正在填充的AuthenticationHeader上设置的响应字段生成md5哈希。
md5将哈希用户名,密码,请求类型等,并将其添加到AuthenticationHeader。
在此之后,我然后发送与之前相同的请求,但附加了AuthenticationHeader。
这是我的代码基于的例子:
http://vkslabs.com/sip-register-request-using-jain-sip/我遇到的问题是,星号服务器一直响应401状态码,尽管添加了AuthHeaders与其包含的用户名和密码的md5哈希值,所以我想知道星号服务器是否使用不同类型的身份验证挑战/方法?
我怎么能从asterisk访问日志,看看它为什么拒绝我的Auth请求?会不会是错误的用户名和密码?无效的nonse吗?
目前,服务器只是返回401,没有更多的信息,究竟是什么问题。
下面是我的代码,创建,使注册请求,如果失败,再做一次,但这次添加AuthenticationHeader
public void registerClient(String username, String password,
ResponseEvent evnt) throws Exception {
cSeqHeader = headerFactory.createCSeqHeader(1, Request.REGISTER);
// request = messageFactory.createRequest(requestURI, Request.REGISTER,
// callIdHeader, cSeqHeader, fromHeader, toHeader, viaHeaders,
// maxForwards);
request = this.messageFactory.createRequest("REGISTER sip:"
+ toHost + " SIP/2.0rnrn");
request.addHeader(callIdHeader);
request.addHeader(cSeqHeader);
request.addHeader(fromHeader);
request.addHeader(toHeader);
request.addHeader(maxForwards);
request.addHeader(viaHeader);
request.addHeader(contactHeader);
request.addHeader(contactHeader);
if (evnt != null) {
request.addHeader(createAuthHeader(username, password, evnt, Request.REGISTER));
}
if (transaction == null) {
transaction = sipProvider.getNewClientTransaction(request);
}
transaction.sendRequest();
}
private AuthenticationHeader createAuthHeader(String username,
String password, ResponseEvent response, String requestMethod)
throws ParseException, NoSuchAlgorithmException {
AuthenticationHeader header = (AuthenticationHeader) headerFactory
.createAuthorizationHeader("Digest");
// get authentication type and nounce from wwwAuthheader we receive from
// response object
WWWAuthenticateHeader wwwAuthHeader = (WWWAuthenticateHeader) response
.getResponse().getHeader(WWWAuthenticateHeader.NAME);
String nonce = wwwAuthHeader.getNonce();
String qop = wwwAuthHeader.getQop();
String realm = wwwAuthHeader.getRealm();
String opaque = wwwAuthHeader.getOpaque();
// prepare and md5 username password and realm.
MessageDigest messageDigest = MessageDigest.getInstance(wwwAuthHeader
.getAlgorithm());
;
String message = String.format("%1$s:%2$s:%3$s", username, realm,
password);
String ha1 = toHexString(messageDigest.digest(message.getBytes()));
// prepare second md5 value for request method and request URI used
String message2 = String.format("%1$s:%2$s", requestMethod, requestURI);
String ha2 = toHexString(messageDigest.digest(message2.getBytes()));
String responseValue;
// check what type of digest we need and apply it auth header by
// checking qop
if (qop != null && qop.equals(AUTH)) {
// Create the final MD5 string using ha1 + “:” + nonce + “:” +
// nonceCount + “:” + cNonce + “:” + qop + “:” + ha2
// responseValue = String.format("%1$s:%2$s:%3$s:%4$s:%5$s:",
// ha1,nonce,)
} else {
// Create the final MD5 string using ha1 + “:” + nonce + “:” + ha2
responseValue = String.format("%1$s:%2$s:%3$s", ha1, nonce, ha2);
String responseConverted = toHexString(messageDigest.digest(responseValue
.getBytes()));
System.out.println(responseConverted);
System.out.println(wwwAuthHeader.getAlgorithm());
System.out.println(username);
System.out.println(nonce);
System.out.println(realm);
System.out.println(responseConverted);
header.setAlgorithm(wwwAuthHeader.getAlgorithm());
header.setUsername(username);
header.setNonce(nonce);
header.setRealm(realm);
// header.setQop(qop);
header.setURI(request.getRequestURI());
header.setResponse(responseConverted);
if(opaque != null) {
header.setOpaque(opaque);
}
}
return header;
}
private static final char[] toHex = { '0', '1', '2', '3', '4', '5', '6',
'7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f' };
/**
* From Nist/JAIN examples: convert an array of bytes to an hexadecimal
* string
*
* @return a string (length = 2 * b.length)
* @param b
* bytes array to convert to a hexadecimal string
*/
static String toHexString(byte b[]) {
int pos = 0;
char[] c = new char[b.length * 2];
for (int i = 0; i < b.length; i++) {
c[pos++] = toHex[(b[i] >> 4) & 0x0F];
c[pos++] = toHex[b[i] & 0x0f];
}
return new String(c);
}
谢谢
您已使用401请求中发送的nonce进行身份验证。