4 SIP based user configuration
24.2383GPPRelease 17Session Initiation Protocol (SIP) based user configurationStage 3TS
4.1 General description
SIP-based protocol framework serves as a means of user configuration of supplementary services in the IM CN subsystem specified in 3GPP TS 24.173 [2]. The contents of the Request-URI in a SIP INVITE request is used to convey the configuration code to the Application Server that hosts the supplementary service. Upon session initiation, the contents of the Request-URI are delivered by means of normal session setup signalling, as described in 3GPP TS 24.229 [3] to an Application Server. The Application Server then acts upon the Request-URI contents to effect the desired configuration data change (e.g., register and activate Communication Forwarding unconditional).
Procedures regarding Operator Determined Barring (ODB) are defined in 3GPP TS 24.315 [6].
4.2 Syntax requirements
The precise digit sequences within the Request-URI that comprise the effective dialstrings for user configuration are defined by the IM CN subsystem service provider and are not subject to standardisation.
NOTE 1: The digit sequence corresponding to the feature code can begin with a special character such as "#" or "*" according to network operator preferences. The length of the digit sequence is also defined by the network operator.
The digit sequences corresponding to the feature code shall be transported to the AS in the Request-URI of a SIP INVITE request as follows:
1) as a SIP URI dial string conforming to RFC 4967 [4] where the "phone-context" parameter is set to the home network domain name and the "user" parameter is set to "dialstring";
2) as a SIP URI that is not a GRUU, with the user part preceded with a "+", the "user" parameter set to "phone" and the domain part set to the home network domain; or
3) as a tel URI with a "phone-context" parameter set to the home network domain as defined in RFC 3966 [5].
NOTE 2: The format for encoding of the digit sequence defined in the first bullet is the preferred format. The other two formats are now deprecated.
4.3 Signalling requirements
4.3.1 General
Two roles are recognized for the implementation of SIP-based user configuration:
1) UE (SIP-based user configuration client); and
2) Application Server.
4.3.2 Actions at the originating UE (SIP-based user configuration client)
When performing SIP-based user configuration, the UE shall create a SIP URI, as described in RFC 4967 [4], with:
a) a dialstring, set to either the concatenation of feature code and the number to be provisioned or the feature code alone if no number information needs to be provided for the service; and
b) a "phone-context" parameter, set to the home network domain name.
The UE shall construct and initiate an appropriate INVITE in accordance with 3GPP TS 24.229 [3] with the Request-URI set to the URI created above.
4.3.3 Actions at the AS serving the originating UE
Upon receiving an INVITE request with a Request-URI containing a URI configured as defined in bullet 1 of subclause 4.2, the AS shall perform service activation, deactivation, or configuration data modification based on the recognized contents of the Request-URI.
An AS can receive an INVITE request with a Request-URI containing a URI configured as defined in bullets 2 and 3 of subclause 4.2. In which case, the AS may treat this Request-URI as a dial-string, as specified above.
Based on the outcome of the service configuration operation, the AS may:
– play an appropriate announcement using the methods specified in 3GPP TS 24.628 [7] to notify the user of the result of the operation; or
– send an appropriate error response in case the AS was unable to perform the requested service configuration operation.
4.3.4 Password option
4.3.4.1 General
By using the subscription option "control of supplementary service", the service configuration may be restricted by a password. The subscription option "control of supplementary service" can be set to "by the service provider" or "by subscriber using a password".
4.3.4.2 Procedures at the UE
When the subscription option "control of supplementary service" is set to "by subscriber using a password", the UE shall create the INVITE request as described in subclause 4.3.2 with a dialstring including a feature code with either the current password or both the current password and the new password to be registered.
4.3.4.3 Procedures at the AS
4.3.4.3.1 General
When the AS receives a Request URI in the INVITE request as defined in subclause 4.2 with a service configuration or a password change request, and the subscription option "control of supplementary service" is set to "by the service provider", the AS shall send a 403 (Forbidden) error response.
As a network option, the AS may play an appropriate announcement using the methods specified in 3GPP TS 24.628 [7] to notify the user that the operation is rejected.
When the subscription option "control of supplementary service" is set to "by subscriber using a password", the AS shall perform the password management procedures that consist of two independent procedures:
– password check; and
– password change;
The password check procedure is used for verifying the current password stored against the user:
– when the user requests a password change; and
– when the user requests modification of a supplementary service configuration document for a service that has password control.
The password change procedure is used by the AS to set a new password for the user.
The AS shall maintain a Wrong Password Attempts (WPA) counter.
When the password is set by the service provider the AS shall reset the WPA counter to zero.
If the AS receives a password that does not match the current password stored for the service, the AS shall increment the WPA counter by 1.
If a password check passes at the AS, the AS shall reset the WPA counter to zero. If the WPA counter exceeds the value three, the AS shall set the subscription option "control of supplementary service" to "by the service provider".
4.3.4.3.2 Password check
If the subscription option "control of supplementary service" is set to "by subscriber using a password" for a supplementary service configuration and a password change request is received, the AS shall verify that the password is present in the Request-URI and matches that stored for the user.
If a password is required, and the AS:
– receives a request where the Request URI is not formatted as defined in subclause 4.2;
– receives a request where the Request URI does not contain a password; or
– receives a request where the Request URI contains a password and the password does not match the current password stored for the user;
then the AS shall send a 403 (Forbidden) error response in case the AS was unable to perform the requested service configuration operation.
As a network option, the AS may play an appropriate announcement using the methods specified in 3GPP TS 24.628 [7] to notify the user of the result of the operation.
4.3.4.3.3 Password change
When the AS receives a Request URI as defined in subclause 4.2 with a password change request and the subscription option "control of supplementary service" is set to a value of "by subscriber using a password", the AS shall determine if the user is authorized to change the password by performing the password check procedure as described in subclause 4.3.4.2, and if so replace the currently used password with the new password. The new password is stored in an implementation specific way such that the password cannot be retrieved by the user.
Annex A (informative):
Signalling flows