8.39a HTTP Digest Authentication / 5GS

3GPP TS 34.229-5, Release 16: Internet Protocol (IP) multimedia call control protocol based on Session Initiation Protocol (SIP) and Session Description Protocol (SDP); Part 5: Protocol conformance specification using 5G System (5GS); User Equipment (UE) conformance specification

8.39a.1 Test Purpose (TP)

(1)

with { UE being registered to IMS and configured to use Digest authentication }

ensure that {

when { UE is made to activate OIP }

then { UE authenticates itself using Digest }

}

8.39a.2 Conformance Requirements

The conformance requirements covered in the present test case are, unless otherwise stated, Rel-15 requirements.

[TS 24.623, clause 5.2.3.2.1]:

On receiving an HTTP request that does not contain an Authorization header the AS shall:

a) challenge the user by generating a 401 Unauthorized response that contains the proper Digest authentication parameters (e.g. realm), according to IETF RFC 2617 [3]. Provisioning of credentials to authenticate the user is outside the scope of the present document; and

b) forward the 401 Unauthorized response to the sender of the HTTP request.

On receiving an HTTP request that contains an Authorization header, the AS shall:

a) apply the authentication procedures defined in IETF RFC 2617 [3]; and

b) authorize or deny authorization depending on the authenticated identity.
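
The challenge and verification described above, as an added example that is not part of TS 34.229-5 or TS 24.623: the UE answers a 401 challenge and the AS recomputes the digest, using the RFC 2617 computation for algorithm MD5 with qop=auth only. The function names, the USERS store and the sample challenge (built from the RFC 2617 section 3.5 example values) are assumptions for illustration.

```python
import hashlib, hmac, re

def md5_hex(text):
    return hashlib.md5(text.encode("utf-8")).hexdigest()

def parse_digest_params(header_value):
    """Parse the value of a WWW-Authenticate or Authorization Digest header."""
    scheme, _, rest = header_value.strip().partition(" ")
    if scheme.lower() != "digest":
        raise ValueError("not a Digest header")
    pairs = re.findall(r'(\w+)=(?:"([^"]*)"|([^\s,]+))', rest)
    return {k.lower(): (quoted or bare) for k, quoted, bare in pairs}

def digest_response(user, password, method, uri, realm, nonce, nc, cnonce):
    """RFC 2617 request-digest for algorithm MD5 with qop=auth."""
    ha1 = md5_hex(f"{user}:{realm}:{password}")
    ha2 = md5_hex(f"{method}:{uri}")
    return md5_hex(f"{ha1}:{nonce}:{nc}:{cnonce}:auth:{ha2}")

def build_authorization(user, password, method, uri, challenge, cnonce, nc="00000001"):
    """UE side: answer the 401 challenge (step 4 in Table 8.39a.3.2-1)."""
    ch = parse_digest_params(challenge)
    if "auth" not in [q.strip() for q in ch.get("qop", "").split(",")]:
        raise ValueError("this example only handles qop=auth")
    resp = digest_response(user, password, method, uri, ch["realm"], ch["nonce"], nc, cnonce)
    return (f'Digest username="{user}", realm="{ch["realm"]}", nonce="{ch["nonce"]}", '
            f'uri="{uri}", qop=auth, nc={nc}, cnonce="{cnonce}", response="{resp}"')

def verify_authorization(authorization, method, password_for, issued_nonce):
    """AS side: recompute the digest; True leads to 200 OK, False to a new 401."""
    p = parse_digest_params(authorization)
    needed = {"username", "realm", "nonce", "uri", "nc", "cnonce", "response"}
    password = password_for(p.get("username", ""))
    if not needed <= p.keys() or password is None:
        return False  # malformed header or unknown user
    if p["nonce"] != issued_nonce or p.get("qop") != "auth":
        return False  # nonce was not issued by this AS, or unsupported qop
    expected = digest_response(p["username"], password, method, p["uri"],
                               p["realm"], p["nonce"], p["nc"], p["cnonce"])
    # Constant-time compare; a full AS also tracks nc per nonce to reject replays.
    return hmac.compare_digest(expected.encode(), p["response"].encode())

# Sample challenge built from the RFC 2617 section 3.5 example values.
CHALLENGE = ('Digest realm="testrealm@host.com", qop="auth,auth-int", '
             'nonce="dcd98b7102dd2f0e8b11d0f600bfb0c093"')
USERS = {"Mufasa": "Circle Of Life"}  # stand-in credential store (assumption)

if __name__ == "__main__":
    auth = build_authorization("Mufasa", USERS["Mufasa"], "GET", "/dir/index.html", CHALLENGE, "0a4f113b")
    print(auth, verify_authorization(auth, "GET", USERS.get, "dcd98b7102dd2f0e8b11d0f600bfb0c093"))
```

Because the method and request URI are hashed into the response, credentials computed for a GET do not verify for a PUT or DELETE on the same document.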

8.39a.3 Test description

8.39a.3.1 Pre-test conditions

System Simulator:

– 1 NR Cell connected to 5GC, default parameters.

UE:

– UE contains either ISIM and USIM applications or only USIM application on UICC.

– UE is configured to register for IMS after switch on.

Preamble:

– UE is in state 1N-A (TS 38.508-1 [21]) and registered to IMS

8.39a.3.2 Test procedure sequence

Table 8.39a.3.2-1: Main Behaviour

| St | Procedure | Message Sequence: U – S | Message Sequence: Message | TP | Verdict |
|---|---|---|---|---|---|
| 1 | UE is made to attempt activation of supplementary service Originating Identification Presentation | - | - | - | - |
| 2 | UE sends an initial HTTP Request (Step 2 of A.21) | –> | GET/PUT/DELETE | - | - |
| 3 | Conditional (according to A.21): SS sends 401 Unauthorized (Step 3a of A.21) | <– | 401 Unauthorized | - | - |
| 4 | Conditional (according to A.21): UE sends HTTP request with valid authorization credentials (Step 3b of A.21) | –> | GET/PUT/DELETE | 1 | P |
| 5 | SS sends 200 OK (Step 4 of A.21) | <– | 200 OK | - | - |
| 6-10 | UE and SS complete the activation of the supplementary service and then de-activate it again (Steps 5-9 of A.21) | - | - | - | - |

8.39a.3.3 Specific message content

None as fully specified in Annex A.21.