Authentication can occur at a RADIUS server or at the proxy server.
Two types of authentication are supported: HTTP digest authentication and HTTP basic authentication.
Either type can occur at either location.
During authentication, the UAC password is stored as follows:
For RADIUS-supported authentication, it is stored at the RADIUS server. For proxy-supported authentication, it is stored in a subscriber table in a MySQL database.
The default authentication scheme is HTTP digest authentication performed at the Cisco SPS. When digest authentication and basic authentication are performed at the proxy server, the username, as found in the authorization header or the proxy-authorization header, is the key to query the MySQL database.
If authentication takes place at the RADIUS server, Cisco SPS passes the username as one of the attribute/value pairs to the RADIUS server, where it can be used to key the user search before authentication. Additionally, you can configure Cisco SPS to add any desired SIP headers as VSAs in the authentication request to the RADIUS server. More info:
http://www.cisco.com/univercd/cc/td/doc/product/voice/sipproxy/admingd/ver2_1/1over.htm#65106
For more info and configuration, please see:
http://www.cisco.com/univercd/cc/td/doc/product/voice/sipproxy/admingd/ver2_0/stnconf.htm#1076068