search

agsh / onvif

ONVIF node.js implementation
http://agsh.github.io/onvif/
MIT License
693 stars 236 forks source link

ONVIF SOAP Fault: An error was discovered processing the wsse:Security header #169

Closed WoodySlum closed 2 years ago

WoodySlum commented 4 years ago

Hi, got a Victure PC530 camera, but when calling connect got an error :

Error: ONVIF SOAP Fault: An error was discovered processing the wsse:Security header.
    at /Users/xxxxxxx/core-node/node_modules/onvif/lib/utils.js:80:12
    at Parser.<anonymous> (/Users/xxxxxxx/core-node/node_modules/xml2js/lib/parser.js:304:18)
    at Parser.emit (events.js:223:5)
    at SAXParser.onclosetag (/Users/xxxxxxx/core-node/node_modules/xml2js/lib/parser.js:262:26)
    at emit (/Users/xxxxxxx/core-node/node_modules/sax/lib/sax.js:624:35)
    at emitNode (/Users/xxxxxxx/core-node/node_modules/sax/lib/sax.js:629:5)
    at closeTag (/Users/xxxxxxx/core-node/node_modules/sax/lib/sax.js:889:7)
    at SAXParser.write (/Users/xxxxxxx/core-node/node_modules/sax/lib/sax.js:1436:13)
    at Parser.exports.Parser.Parser.parseString (/Users/xxxxxxx/core-node/node_modules/xml2js/lib/parser.js:323:31)
    at Parser.parseString (/Users/xxxxxxx/core-node/node_modules/xml2js/lib/parser.js:5:59)
    at Object.exports.parseString (/Users/xxxxxxx/core-node/node_modules/xml2js/lib/parser.js:369:19)
    at parseSOAPString (/Users/xxxxxxx/core-node/node_modules/onvif/lib/utils.js:62:9)
    at IncomingMessage.<anonymous> (/Users/xxxxxxx/core-node/node_modules/onvif/lib/cam.js:202:4)
    at IncomingMessage.emit (events.js:228:7)
    at endReadableNT (_stream_readable.js:1185:12)
    at processTicksAndRejections (internal/process/task_queues.js:81:21) null <soap:Envelope     >
<soap:Body>
<soap:Fault>
<soap:Code>
<soap:Value>soap:Sender</soap:Value><soap:Subcode>
<soap:Value>wsse:InvalidSecurity</soap:Value>
</soap:Subcode>
</soap:Code>
<soap:Reason>
<soap:Text xml:lang="en">An error was discovered processing the wsse:Security header.</soap:Text>
</soap:Reason>
<soap:Node>http://www.w3.org/2003/05/soap-envelope/node/ultimateReceiver</soap:Node>
<soap:Role>http://www.w3.org/2003/05/soap-envelope/role/ultimateReceiver</soap:Role>
</soap:Fault>
</soap:Body>
</soap:Envelope>

Any idea ? Thanks.

dakkar commented 4 years ago

I have the same camera, and got the same error. The error is generated by the camera, when it receives a request without credentials. Hacky patch: inside getSystemDateAndTime check if the XML contains An error was discovered processing the wsse:Security header in addition to checking for sender not authorized. Something like:

if (xml && (xml.toLowerCase().includes('sender not authorized')
         || xml.toLowerCase().includes('wsse:security header'))) {
dakkar commented 4 years ago

(unrelated to this bug, but might be of interest to @WoodySlum and others searching for that camera: the PTZ feature does not work via the ONVIF interface, the camera responds 200 OK without response body)

WoodySlum commented 4 years ago

Thanks @dakkar hope a camera firmware update

agsh commented 3 years ago

@WoodySlum Is that ok for you, can I close the issue?

WoodySlum commented 3 years ago

Yes thanks

agsh commented 3 years ago

Thank you!

agsh commented 3 years ago

I have the same camera, and got the same error. The error is generated by the camera, when it receives a request without credentials. Hacky patch: inside getSystemDateAndTime check if the XML contains An error was discovered processing the wsse:Security header in addition to checking for sender not authorized. Something like:

if (xml && (xml.toLowerCase().includes('sender not authorized')
         || xml.toLowerCase().includes('wsse:security header'))) {

Hmm, looking interesting. I'll try to forward this issue to the same problem, which I had found today

agsh commented 3 years ago

178

dakkar commented 3 years ago

the correct solution would be to notice the 401 and react accordingly (it means "unautorised, try again with credentials"), without looking at the body of the response at all