我正在为支持Onvif的IPCams开发iPhone应用程序。
这是我发送给cam的肥皂请求。凸轮由具有固件5.40的轴制成
NSString *passwordDigest = [self base64:input];
NSLog(@"Password %@",passwordDigest);
NSString *nonceDigest = [self base64:[NSString stringWithFormat:@"%i",nonce]];
NSLog(@"Nonce %@",nonceDigest);
[postBody appendData:[[NSString stringWithFormat:@"<?xml version=\"1.0\" encoding=\"utf-8\"?>"
"<SOAP-ENV:Envelope xmlns:SOAP-ENV=\"http://www.w3.org/2003/05/soap-envelope\""
"xmlns:wsse=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401"
"-wss-wssecurity-secext-1.0.xsd\""
"xmlns:wsu=\"http://docs.oasis-open.org/wss/2004/01/oasis-"
"200401-wss-wssecurity-utility-1.0.xsd\""
"xmlns:tds=\"http://www.onvif.org/onvif/ver10/device/wsdl/devicemgmt.wsdl\">"
"<SOAP-ENV:Header><wsse:Security><wsse:UsernameToken>"
"<wsse:Username>root</wsse:Username>"
"<wsse:Password Type=\"http://docs.oasis-open.org/wss/2004/01/oasis-"
"200401-wss-username-token-profile-1.0#PasswordDigest\">"
"%@</wsse:Password><wsse:Nonce>%@</wsse:Nonce>"
"<wsu:Created>%@</wsu:Created></wsse:UsernameToken>"
"</wsse:Security></SOAP-ENV:Header><SOAP-ENV:Body>"
"<tds:GetCapabilities>"
"</SOAP-ENV:Body></SOAP-ENV:Envelope>",
passwordDigest, nonceDigest, date] dataUsingEncoding:NSUTF8StringEncoding]];
这是相机的回应
<?xml version="1.0" encoding="UTF-8"?>
<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://www.w3.org/2003/05/soap-envelope" xmlns:SOAP-ENC="http://www.w3.org/2003/05/soap-encoding" xmlns:aa="http://www.axis.com/vapix/ws/action1" xmlns:aev="http://www.axis.com/vapix/ws/event1" xmlns:c14n="http://www.w3.org/2001/10/xml-exc-c14n#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:tan="http://www.onvif.org/ver20/analytics/wsdl" xmlns:tan1="http://www.onvif.org/ver20/analytics/wsdl/RuleEngineBinding" xmlns:tan2="http://www.onvif.org/ver20/analytics/wsdl/AnalyticsEngineBinding" xmlns:tds="http://www.onvif.org/ver10/device/wsdl" xmlns:ter="http://www.onvif.org/ver10/error" xmlns:tev="http://www.onvif.org/ver10/events/wsdl" xmlns:tev1="http://www.onvif.org/ver10/events/wsdl/NotificationProducerBinding" xmlns:tev2="http://www.onvif.org/ver10/events/wsdl/EventBinding" xmlns:tev3="http://www.onvif.org/ver10/events/wsdl/SubscriptionManagerBinding" xmlns:tev4="http://www.onvif.org/ver10/events/wsdl/PullPointSubscriptionBinding" xmlns:timg="http://www.onvif.org/ver20/imaging/wsdl" xmlns:tns1="http://www.onvif.org/ver10/topics" xmlns:tnsaxis="http://www.axis.com/2009/event/topics" xmlns:tptz="http://www.onvif.org/ver20/ptz/wsdl" xmlns:trt="http://www.onvif.org/ver10/media/wsdl" xmlns:tt="http://www.onvif.org/ver10/schema" xmlns:wsa5="http://www.w3.org/2005/08/addressing" xmlns:wsnt="http://docs.oasis-open.org/wsn/b-2" xmlns:wsrfbf="http://docs.oasis-open.org/wsrf/bf-2" xmlns:wsrfr="http://docs.oasis-open.org/wsrf/r-2" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wstop="http://docs.oasis-open.org/wsn/t-1" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:xmime="http://tempuri.org/xmime.xsd" xmlns:xop="http://www.w3.org/2004/08/xop/include" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<SOAP-ENV:Header />
<SOAP-ENV:Body>
<SOAP-ENV:Fault SOAP-ENV:encodingStyle="http://www.w3.org/2003/05/soap-encoding">
<SOAP-ENV:Code>
<SOAP-ENV:Value>SOAP-ENV:Sender</SOAP-ENV:Value>
<SOAP-ENV:Subcode>
<SOAP-ENV:Value>ter:NotAuthorized</SOAP-ENV:Value>
</SOAP-ENV:Subcode>
</SOAP-ENV:Code>
<SOAP-ENV:Reason>
<SOAP-ENV:Text xml:lang="en">Sender not authorized</SOAP-ENV:Text>
</SOAP-ENV:Reason>
<SOAP-ENV:Detail>
<SOAP-ENV:Text>The action requested requires authorization and the sender is not authorized</SOAP-ENV:Text>
</SOAP-ENV:Detail>
</SOAP-ENV:Fault>
</SOAP-ENV:Body>
</SOAP-ENV:Envelope>
我已经使用了许多方法,例如GetCapabilities,GetStreamUri等,但无论如何都没有结果。
这是用于编码的base64方法
-(NSString*) base64:(NSString *) input
{
int i;
const char *cstr = [input cStringUsingEncoding:NSUTF8StringEncoding];
NSData *data = [NSData dataWithBytes:cstr length:input.length];
uint8_t digest[CC_SHA1_DIGEST_LENGTH];
CC_SHA1(data.bytes, data.length, digest);
NSMutableString* output = [NSMutableString stringWithCapacity:CC_SHA1_DIGEST_LENGTH * 2];
length:CC_SHA1_DIGEST_LENGTH;
for(i = 0; i < CC_SHA1_DIGEST_LENGTH; i++)
{
[output appendFormat:@"%02x", digest[i]];
}
return [data base64Encoding];
}
我尝试使用简单的随机数,base64编码的随机数,简单的通行证,base64编码的通行证,时间戳,本地时间,UTC时间,但是没有运气
我正在按照指定的here创建passwordDigest
像
base64(SHA-1 (nonce+created+password))
我做错了什么,请指导我
最佳答案
它可能与the onvif docs中所述的相同:6.1.1.3 ONVIF::AuthenticatingByWS-UsernameToken
When a device requires authentication through WS-UsernameToken, the client must set user information with the appropriate privileges in WS-UsernameToken.
This use case contains an example of setting that user information using SetHostname.
WS-UsernameToken requires the following parameters:
* Username – The user name for a certified user.
* Nonce – A random, unique number generated by a client.
* Created – The UtcTime when the request is made.
* Password – The password for a certified user. According to the ONVIF specification
Password should not be set in plain text. Setting a password generates
PasswordDigest, a digest that is calculated according to an algorithm defined in the
specification for WS-UsernameToken:
Digest = B64ENCODE( SHA1( B64DECODE( Nonce ) + Date + Password ) )
似乎计算摘要的方式与您尝试完成摘要的方式有些不同。
Digest = B64ENCODE( SHA1( B64DECODE( Nonce ) + Date + Password ) )
也许有帮助:)
关于ios - iPhone的ONVIF身份验证错误,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/20879102/