In failure route, you should check first for the 407 (btw, you do
not have to go via the onreply route, you can use only
failure_route, directly). If so, call uac_auth(), but be sure you
the $avp(10), $avp(11) and $avp(12)
*already* contain the values for realm, username and password. You
can load that info from a DB for example.