IPCamera ONVIF: An error was discovered processing the wsse:Security header

Add-ons Bindings
1

Hi there, I’ve not experience with ONVIF so this may be a mistake on my configuration.

I’m trying to integrate a cheap Chinese camera to openhab 3.4. The camera have ONVIF activated with user and password set. It send the video through rtsp://xxx.xxx.xxx.xxx:554/realmonitor?channel=0&stream=0.sdp and VLC can reproduce the stream with that exact link or with authorization: rtsp://usr:pass@xxx.xxx.xxx.xxx:554/ Both work ok. VLC can reproduce them even through a ssh bridge from outside the LAN (with rtsp://127.0.0.1:554/realmonitor?channel=0&stream=0.sdp)

But the binding is giving me a security error (see log). It does not matter if I set a user and password or not. The log only changes in the rtsp link and the log cycles through this error changing thing status from online-offline-online-offline… (communication_error).

Does anybody have an idea of how can this be solved?

Thanks in advance.

EDIT: I forgot to specify that I wrote the rtsp URL exactly like in VLC, directly in the advanced options, as I’m not sure if the binding found it or not. And saving the stream as mp4 directly from ffmpeg CLI works ok.

2023-01-18 10:38:18.830 [DEBUG] [era.internal.handler.IpCameraHandler] - About to connect to the IP Camera using the ONVIF PORT at IP:xxx.xxx.xxx.xxx:8080

2023-01-18 10:38:18.831 [DEBUG] [amera.internal.onvif.OnvifConnection] - Connecting xxx.xxx.xxx.xxx to ONVIF

2023-01-18 10:38:18.831 [TRACE] [amera.internal.onvif.OnvifConnection] - Sending ONVIF request:GetSystemDateAndTime

2023-01-18 10:38:18.832 [DEBUG] [era.internal.handler.IpCameraHandler] - Binding has no snapshot url. Will use your CPU and FFmpeg to create snapshots from the cameras RTSP.

2023-01-18 10:38:18.832 [DEBUG] [hab.binding.ipcamera.internal.Ffmpeg] - Starting ffmpeg with this command now:-rtsp_transport tcp -threads 1 -skip_frame nokey -hide_banner -i rtsp://xxx.xxx.xxx.xxx:554/realmonitor?channel=0&stream=0.sdp -an -vsync vfr -q:v 2 -update 1 http://127.0.0.1:8080/ipcamera/192168151/snapshot.jpg

2023-01-18 10:38:18.863 [TRACE] [amera.internal.onvif.OnvifConnection] - Onvif reply is:<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope" xmlns:ter="http://www.onvif.org/ver10/error" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:xs="http://www.w3.org/2000/10/XMLSchema" xmlns:wsnt="http://docs.oasis-open.org/wsn/b-2">

<soap:Body>

<soap:Fault>

<soap:Code>

<soap:Value>soap:Sender</soap:Value><soap:Subcode>

<soap:Value>wsse:InvalidSecurity</soap:Value>

</soap:Subcode>

</soap:Code>

<soap:Reason>

<soap:Text xml:lang="en">An error was discovered processing the wsse:Security header.</soap:Text>

</soap:Reason>

<soap:Node>http://www.w3.org/2003/05/soap-envelope/node/ultimateReceiver</soap:Node>

<soap:Role>http://www.w3.org/2003/05/soap-envelope/role/ultimateReceiver</soap:Role>

</soap:Fault>

</soap:Body>

</soap:Envelope>
2

So, investigating on this, I tried to run the ffmpeg command from the log directly on the CLI and it gave an error. I started to manipulate the options and removed the -rstp_transport TCP option and, voila! I was able to create a snapshot on home.

Then I tried to update the snapshot.jpg on http//127.0.0.1:8080/ipcamera and Bingo! (again) the snapshot shown on my ipc widget, but only after I stopped ffmpeg, as I guess there must be an issue with users and permissions.

Now the issue is, how could I modify this option on the binding? As far as i know, it let us to modify options after -i, but the -rtsp_transport is the first one, so, I think there is no way to manipulate it. [EDIT: it is BEFORE -i not after… I will try with this]

Any idea will be appreciated.

3

And it seems I solved the online-offline cycle by removing the TCP transport on ffmpeg.

On ffmpeg input I enter -rtsp_transport 0 -threads 1 -skip_frame nokey -hide_banner and now the camera stays online. I have snapshots on the widget and now I have to deal with the video stream, but that is another question.