Closed zebity closed 10 months ago
Added ws-security option on onvif-cxf-relay, based on example from cxf: https://github.com/apache/cxf/tree/main/distribution/src/main/release/samples/ws_security/ut/src/main/java/demo/wssec/client
Tested and commited: https://github.com/zebity/onvif-relay/commit/9d29e439bec16e04cee07537af9a29cb1974af05 & https://github.com/zebity/onvif-relay/commit/476c5fcf2841306beb552d4c20fc3c4fafc460d3
Change from example is to use constant classes (rather then string names) & put status method in call back to set password prior to use.
Issue
ONVIF specification: "The services defined in this standard shall be protected using digest authentication according to [RFC 2617] with the following exceptions.
Currently code supports Digest (RFC2617), but fails with older devices which only support WS-UsernameToken based authentication.
Need to add support for WS-Security
Expectation
Access should try:
NOTE: This may be require GetSystemDateTime to get clock of device for Auth Token generation