Registration loop

Hi Benny,

Thank you very much for your answer.

I'm using version 1.0.1 and the scenario is coherent with your description
(if state=false, and nonce changed, also retry until
PJSIP_MAX_STALE_COUNT).

I raised the question because in this particular server, the account
becomes locked after 3 failed attempts which were always happening when
someone missed the password.

Once again, thank you for the clarification.

Cheers,
Nuno Costa


> Nuno, which pjsip version are you using? And any particular compile time
> macros related to authentication that you set?
>
> This shouldn't happen with recent pjsip version (by recent I mean version 10
> months old or newer). We check both stale and nonce value to decide whether
> to resend authentication, and we set a cap on how many retries to send.
>
> After sending request with authentication, and if server keeps rejecting
> with 401:
>  - if stale=true, retry until PJSIP_MAX_STALE_COUNT times (default is 3).
>  - if state=false, and nonce changed, also retry until PJSIP_MAX_STALE_COUNT times
>  - if stale=false and nonce doesn't change, we set authentication to fail
>
> We have a dozen test scripts to test various scenarios related to
> authentication, see tests\pjsua\scripts-recvfrom directory (the nnn_reg_*
> files), so it shouldn't happen. Unless there's a bug of course. :)
>
> cheers
>  Benny
>
>
> On Fri, May 15, 2009 at 5:41 AM, Gang Liu <gangban.lau at gmail.com> wrote:
>
>> I saw many UAs do this way. So some SIP registrar will respond 403 if
>> account or password is wrong after 401 challenge.
>>
>> regards,
>> Gang
>>
>> On Fri, May 15, 2009 at 12:45 AM, Nuno Costa <ncosta at wit-software.com> wrote:
>>
>>> Hi,
>>>
>>> During recent tests, I found a strange behavior during the
>>> authentication process using the Digest algorithm.
>>> Analyzing the problem from a high level, this is the behavior:
>>>     1. A REGISTER packet without any authentication header is sent to the server.
>>>     2. The server replies with a '401 Unauthorized' with an authentication header which%
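
The retry rules listed in the reply above, written out as a small decision function. This is an added example, not code from pjsip or from anyone in the thread; auth_session, auth_sent, on_401_after_auth and MAX_STALE_COUNT are hypothetical names, and the cap of 3 is taken from the default quoted for PJSIP_MAX_STALE_COUNT.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Assumed cap, modelled on the PJSIP_MAX_STALE_COUNT default of 3 quoted above. */
#define MAX_STALE_COUNT 3

typedef enum { AUTH_RETRY, AUTH_FAIL } auth_decision;

/* Hypothetical per-registration state; not a pjsip structure. */
typedef struct {
    char last_nonce[128]; /* nonce answered in the last authenticated request */
    int  stale_count;     /* retries already spent on repeated 401 responses */
} auth_session;

/* Record the nonce used in the request that carried credentials. */
void auth_sent(auth_session *s, const char *nonce)
{
    strncpy(s->last_nonce, nonce, sizeof(s->last_nonce) - 1);
    s->last_nonce[sizeof(s->last_nonce) - 1] = '\0';
}

/* Decide what to do when an authenticated request is rejected with 401 again. */
auth_decision on_401_after_auth(auth_session *s, bool stale, const char *nonce)
{
    bool nonce_changed = strcmp(s->last_nonce, nonce) != 0;

    /* stale=false and same nonce: the credentials themselves were rejected. */
    if (!stale && !nonce_changed)
        return AUTH_FAIL;

    /* stale=true, or stale=false with a new nonce: retry, but only up to the cap. */
    if (s->stale_count >= MAX_STALE_COUNT)
        return AUTH_FAIL;

    s->stale_count++;
    auth_sent(s, nonce); /* the retry answers the new challenge */
    return AUTH_RETRY;
}

int main(void)
{
    /* Constructed scenario: wrong password, server issues a fresh nonce on every 401. */
    const char *nonces[] = { "n2", "n3", "n4", "n5" };
    auth_session s = { "", 0 };
    int sent = 1; /* first authenticated REGISTER */
    auth_sent(&s, "n1");
    for (int i = 0; i < 4 && on_401_after_auth(&s, false, nonces[i]) == AUTH_RETRY; i++)
        sent++;
    printf("authenticated attempts sent: %d\n", sent);
    return 0;
}
```

Under this model, a server that changes the nonce on every 401 sees the first authenticated request plus up to MAX_STALE_COUNT retries before the client gives up, which is worth comparing against the server's lockout threshold.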



