Filter
Top Products
54 • Web Server Integration
[ S N O M 4 S N A T F I L T E R ]
correctly.
The web requests that the SBC sends to the application server
has the following parameters:
• The parameter “action” is set to “auth”. By looking at this parameter,
the application server can easily find out that it should do a pass
-
word lookup.
• The parameter “from” contains the user/host pain. It has the format
user@host, there is no scheme and no parameters included in this
parameter.
The authentication cache is written with every web response. The
response may contain any number of answered, but must at least contain
the requests user/host pair. The answer must be encoded in a comma
separated value format with no header line. The CSV response has the
following fields:
• The first cell contains the user/host pair in the same format as in the
request. The SBC identifies the cache entry by this cell.
• The second cell contains the user name that should be used for the
challenging. Typically, this is identical with the user name part of
the from cell, but sometimes the challenging should use a different
name.
• The third cell contains the realm that should be used for the chal
-
lenging. Again, this field should typically be identical to the host part
of the from header, but in some situations this realm can be differ-
ent (for example, when canonical realm names must be used).
• The fourth cell contains the password in clear text.
• The fifth cell contains the expiration of that cache entry in seconds.
After this time the SBC will remove the entry from the list and issue
another applications server request to refresh the values. A typical
value would be one hour (3600 seconds).
The SBC interprets the presence of the parameters in the follow
-
ing way:
• If the realm or the username are not set, that user will always be
challenged with no hope for recovery. That practically means that
the request is denied.
• If realm and username are set but the password is empty, the re
-
quest will not be challenged; instead it will be assumed that the user
5.