Http 400 Bad Request while authenticating with ONVIF camera

Question

I am trying to authenticate with the ONVIF camera by sending the "usernametoken" soap request to get the device capabilities. But I am getting "The action requested requires authorization and the sender is not authorized" error back from the camera. Below is the "Usernametoken" I am sending:

<?xml version="1.0" encoding="utf-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope"><s:Header><Security s:mustUnderstand="1" xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"><UsernameToken><Username>root</Username><Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">PLAolzuaeKGkHrC7uMD52ZAvjDc=</Password><Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">DK81s1X+o0Cp0QfDg7CJ8YSeacg=</Nonce><Created xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">2015-02-12T21:49:39.001Z</Created></UsernameToken></Security></s:Header><s:Body xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"><GetCapabilities xmlns="http://www.onvif.org/ver10/device/wsdl"><Category>All</Category></GetCapabilities></s:Body></s:Envelope>

The am creating the "nonce" is this way:

string guid = Guid.NewGuid().ToString();
string nonce = GetSHA1String( guid );

public string GetSHA1String(string phrase)
{
        byte[] hashedDataBytes = SHA1.Create().ComputeHash(Encoding.UTF8.GetBytes(phrase)); 
        return Convert.ToBase64String(hashedDataBytes);
}

I am creating the "Created" in this way:

string created = System.DateTime.Now.ToUniversalTime().ToString("yyyy-MM-ddTHH:mm:ss.fffZ");

I am creating the PasswordDigest in this way:

string pwd = "admin";
string hashedPassword = CreateHashedPassword(nonce, created, pwd);

 public string CreateHashedPassword(string nonce, string created, string password)
 {
       return GetSHA1String(nonce + created + password);
 }

I dont know what I am doing wrong. I really appreciate some one can help in this matter.

score 0 · Answer 1 · edited May 23 '17 at 11:56

0

When hashing, the nonce part of the "nonce + created + password" must be binary data. See this thread for a similar problem: what's the formula of ONVIF #PasswordDigest

edited May 23 '17 at 11:56

Community

1
1

answered Mar 11 '15 at 16:59

Paul Gibbs

1
1

Http 400 Bad Request while authenticating with ONVIF camera

1 Answers1