I am writing a virtual ONVIF device based on com.sun.net.httpserver (hereinafter - the server). It is necessary to add the ability to set an arbitrary name and password for access to the server when creating an onvif server. To test the server uses Onvif Device Manager . Without a login password, the server is functioning normally. When setting the login-password in Onvif Device Manager, the server responds 500 for some reason I do not understand, the error is not intercepted in JaxWsLogger. Obviously, when the login-password is set, the Onvif Device Manager sends the Security header in a soap message that my server should handle. But I can't even get this headline. What am I doing wrong?
Server creation code. JaxWsLogger simply displays all messages that the server has accepted or sent.
private HttpServer makeServer() { JaxWsLogger logger = new JaxWsLogger(); HttpServer server; try { server = HttpServer.create( new InetSocketAddress( port ), 0 ); } catch ( IOException e ) { e.printStackTrace(); System.out.println( e.getMessage() ); return null; } //Endpoint.publish("http://0.0.0.0:9999/onvif/device_service", new DeviceServiceImpl()); Endpoint deviceService = Endpoint.create( new DeviceServiceImpl() ); Endpoint mediaService = Endpoint.create( new MediaServiceImpl().withVideoURI( videoURI ) ); Endpoint imagingService = Endpoint.create( new ImagingServiceImpl() ); Endpoint deviceioService = Endpoint.create( new DeviceioServiceImpl() ); //Endpoint discoveryLookupService = Endpoint.create( new DiscoveryLookupService() ); //Endpoint remoteDiscoveryService = Endpoint.create( new RemoteDiscoveryService() ); Authenticator authr = null; // useless http authentificator addLoggerToService( logger, deviceService ); addLoggerToService( logger, mediaService ); addLoggerToService( logger, imagingService ); addLoggerToService( logger, deviceioService ); //addLoggerToService( logger, discoveryLookupService ); //addLoggerToService( logger, remoteDiscoveryService ); deviceService.publish( createContext( server, "/onvif/device_service", authr ) ); mediaService.publish( createContext( server, "/onvif/media_service", authr ) ); imagingService.publish( createContext( server, "/onvif/imaging_service", authr ) ); deviceioService.publish( createContext( server, "/onvif/deviceIO_service", authr ) ); //discoveryLookupService.publish( createContext( server, "/onvif/discovery_service", authr ) ); //remoteDiscoveryService.publish( createContext( server, "/onvif/discovery_service", authr ) ); return server; } Wireshark exchange log:
request
<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope"> <s:Header> <Security s:mustUnderstand="1" xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"> <UsernameToken> <Username>root</Username> <Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">802H+lCk3xd88Y/RMUhy4q4yJ7A=</Password> <Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">kgzQJ+t70E2q1GbijW39PioAAAAAAA==</Nonce> <Created xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">2018-01-15T10:53:08.000Z</Created> </UsernameToken> </Security> </s:Header> <s:Body xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"> <GetCapabilities xmlns="http://www.onvif.org/ver10/device/wsdl"> <Category>All</Category> </GetCapabilities> </s:Body> </s:Envelope> answer
<S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope"> <S:Header> <NotUnderstood xmlns:abc="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns="http://www.w3.org/2003/05/soap-envelope" qname="abc:Security" /> </S:Header> <S:Body> <S:Fault xmlns:ns4="http://schemas.xmlsoap.org/soap/envelope/"> <S:Code> <S:Value>S:MustUnderstand</S:Value> </S:Code> <S:Reason> <S:Text xml:lang="ru">One or more mandatory SOAP header blocks not understood</S:Text> </S:Reason> </S:Fault> </S:Body> </S:Envelope> 