I have 3 ONVIF cameras (Bosch, Pansonic and AXIS). I find the cameras using WS-Discovery and can get information from the cameras using GetDeviceInformation. My problem is that the AXIS camera returns (400) Bad Request when I try to get information from it, the two others work like a charm.
I have installed ONVIF Device Manager from SourceForge. If I enter login credientials in the program, I can stream live video from the AXIS camera. If I don't enter any login credientials, I can find the camera, but not stream any video. So based on this I concluded that the camera is correct configured.
I think it has something to do with login credientials on the binding, but can't figure out what is wrong.
My code looks like this
private void CustomBinding2()
{
try
{
const string SERVICE_ADDRESS_DIRECT = "http://192.168.1.72/onvif/device_service"; //400 bad request
const string USERNAME = "cbk";
const string PASSWORD = "12";
HttpTransportBindingElement httpTransportBindingElement = new HttpTransportBindingElement();
httpTransportBindingElement.MaxReceivedMessageSize = Int32.MaxValue;
httpTransportBindingElement.KeepAliveEnabled = false;
httpTransportBindingElement.MaxBufferSize = Int32.MaxValue;
httpTransportBindingElement.ProxyAddress = null;
httpTransportBindingElement.BypassProxyOnLocal = true;
httpTransportBindingElement.UseDefaultWebProxy = false;
httpTransportBindingElement.TransferMode = TransferMode.StreamedResponse;
httpTransportBindingElement.AuthenticationScheme = AuthenticationSchemes.Basic;
TextMessageEncodingBindingElement messegeElement = new TextMessageEncodingBindingElement();
messegeElement.MessageVersion = MessageVersion.CreateVersion(EnvelopeVersion.Soap12, AddressingVersion.None);
CustomBinding binding = new CustomBinding(messegeElement, httpTransportBindingElement);
binding.CloseTimeout = TimeSpan.FromSeconds(30.0);
binding.OpenTimeout = TimeSpan.FromSeconds(30.0);
binding.SendTimeout = TimeSpan.FromMinutes(10.0);
binding.ReceiveTimeout = TimeSpan.FromMinutes(3.0);
EndpointAddress serviceAddress = new EndpointAddress(SERVICE_ADDRESS_DIRECT);
ChannelFactory<Device> channelFactory = new ChannelFactory<Device>(binding, serviceAddress);
channelFactory.Credentials.UserName.UserName = USERNAME;
channelFactory.Credentials.UserName.Password = PASSWORD;
Device channel = channelFactory.CreateChannel();
string model, firmwareVersion, serialNumber, hardwareId;
channel.GetDeviceInformation(out model, out firmwareVersion, out serialNumber, out hardwareId);
MessageBox.Show(string.Format("Model: {0}", model));
}
catch (Exception e)
{
MessageBox.Show(e.Message);
}
}
Solved the problem...
One of the things that cheated me the most, was that the AXIS camera and the Client (PC) had to be time synchronous within +-5 sec. If I change the PC time, I just get the 400 bad request back. If the time matches everything works!!!
DateTime UTCTime = DateTime.UtcNow;
tbInfo.AppendText(string.Format("Client Local Time: {0}\n", DateTime.Now.ToString("HH:mm:ss")));
tbInfo.AppendText(string.Format("Client UTC Time: {0}\n", UTCTime.ToString("HH:mm:ss")));
tbInfo.AppendText("\n\n");
HttpTransportBindingElement httpTransport = new HttpTransportBindingElement();
TransportSecurityBindingElement transportSecurity = new TransportSecurityBindingElement();
transportSecurity.EndpointSupportingTokenParameters.SignedEncrypted.Add(new UsernameTokenParameters());
transportSecurity.AllowInsecureTransport = true;
transportSecurity.IncludeTimestamp = false;
TextMessageEncodingBindingElement textMessageEncoding = new TextMessageEncodingBindingElement(MessageVersion.Soap12, Encoding.UTF8);
CustomBinding binding = new CustomBinding(transportSecurity, textMessageEncoding, httpTransport);
EndpointAddress serviceAddress = new EndpointAddress(addressDirect);
ChannelFactory<Device> channelFactory = new ChannelFactory<Device>(binding, serviceAddress);
UsernameClientCredentials credentials = new UsernameClientCredentials(new UsernameInfo(username, password));
channelFactory.Endpoint.Behaviors.Remove(typeof(ClientCredentials));
channelFactory.Endpoint.Behaviors.Add(credentials);
Device channel = channelFactory.CreateChannel();
var unitTime = channel.GetSystemDateAndTime(new GetSystemDateAndTimeRequest());
tbInfo.AppendText(string.Format("Camera Local Time: {0}:{1}:{2}\n", unitTime.SystemDateAndTime.LocalDateTime.Time.Hour, unitTime.SystemDateAndTime.LocalDateTime.Time.Minute, unitTime.SystemDateAndTime.LocalDateTime.Time.Second));
tbInfo.AppendText(string.Format("Camera UTC Time: {0}:{1}:{2}\n", unitTime.SystemDateAndTime.UTCDateTime.Time.Hour, unitTime.SystemDateAndTime.UTCDateTime.Time.Minute, unitTime.SystemDateAndTime.UTCDateTime.Time.Second));
var info = channel.GetDeviceInformation(new GetDeviceInformationRequest());
MessageBox.Show(string.Format("Model: {0}", info.Model));
Related
I am trying to consume a WSDL file from a third party in .net web API but it's retrieving.
Third-party sent me a Certificate that needs to be installed on the machine that wants to send a request and I already installed it.
In SoapUI it succeeded, with these configurations:
I can't mimic the configuration in SoupUI in .net.
This is what I have done:
var binding = GetBinding();
var endpointAddress = GetEndpointAddress("Endpoint URL");
if (endpointAddress != null)
{
ChannelFactory<IVitalEventsChannel> factory = null;
IVitalEventsChannel serviceProxy = null;
try
{
factory = new ChannelFactory<IVitalEventsChannel>(binding, endpointAddress);
factory.Credentials.UserName.UserName = "Username";
factory.Credentials.UserName.Password = "Passowrd";
serviceProxy = factory.CreateChannel();
gePersonalRequest gePersonalReq = new gePersonalRequest("National number");
serviceProxy.Open();
var remoteAddress = serviceProxy.RemoteAddress;
var state = serviceProxy.State;
var result = await serviceProxy.gePersonalAsync(gePersonalReq);
factory.Close();
((ICommunicationObject)serviceProxy).Close();
}
catch (Exception ex)
{
//await client.CloseAsync();
factory.Close();
((ICommunicationObject)serviceProxy).Close();
return BadRequest(new { error = ex.Message });
}
}
Binding part looks like this:
private BasicHttpsBinding GetBinding()
{
var httpsBinding = new BasicHttpsBinding(BasicHttpsSecurityMode.TransportWithMessageCredential);
httpsBinding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Basic;
//var httpsBinding = new BasicHttpBinding(BasicHttpSecurityMode.TransportWithMessageCredential);
WSHttpBinding b = new WSHttpBinding(SecurityMode.TransportWithMessageCredential);
b.Security.Message.ClientCredentialType = MessageCredentialType.UserName;
httpsBinding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Basic;
httpsBinding.Security.Transport.ProxyCredentialType = HttpProxyCredentialType.Basic;
httpsBinding.Security.Mode = BasicHttpsSecurityMode.TransportWithMessageCredential;
httpsBinding.MaxBufferSize = int.MaxValue;
httpsBinding.ReaderQuotas = XmlDictionaryReaderQuotas.Max;
httpsBinding.MaxReceivedMessageSize = int.MaxValue;
httpsBinding.AllowCookies = true;
return httpsBinding;
}
I am trying to connect to the MongoDB server through a ssl certificate using c#. I am getting a System.TimeoutException (A timeout occurred after 30000ms selecting a server using the CompositeServerSelector).
I started with connection via MongoClientSetting object. Here is the code:
MongoClientSettings settings = new MongoClientSettings();
settings.MaxConnectionLifeTime = new TimeSpan(12, 0, 0);
settings.UseSsl = true;
settings.VerifySslCertificate = false;
var cert = new X509Certificate2("mongoDBCAFile.cer");
settings.SslSettings = new SslSettings{
ClientCertificates = new[] { cert }
};
settings.Servers = new[]{
new MongoServerAddress("xyz1.intranet.companyname.com", 12345),
new MongoServerAddress("xyz2.intranet.companyname.com", 12345)
};
settings.ReplicaSetName = "replicaName";
var cred = MongoCredential.CreateGssapiCredential("username#intranet.companyname.com").WithMechanismProperty("SERVICE_NAME", "servicename");
settings.Credential = cred;
var client = new MongoClient(settings);
var database = client.GetDatabase("DatabaseName");
var collection = database.GetCollection<BsonDocument>("CollectionName");
//This is the place of error
var count1 = collection.CountDocuments(new BsonDocument());
I tried playing around with ConnectTimeout, SocketTimeout, and wTimeOut but the error was same.
I also tried doing the same thing using the connection string as mentioned here but I wouldn't figure out how to create a connection string with these many parameters.
Found the solution.
The issue was with authentication of the user with external server. MongoDB server was waiting for the clearance from this external server, but Because the authentication was never successfully, MongoDB always lead to System.TimeoutException.
Here is the fix code.
settings.ReplicaSetName = "replicaName";
SecureString pwd = new NetworkCredential("intranet/userName", "myPassword").securePassword;
var cred = MongoCredential.CreateGssapiCredential("username/intranet.companyname.com", pwd).WithMechanismProperty("SERVICE_NAME", "serviceName").WithMechanismProperty("CANONICALIZE_HOST_NAME", "true");
settings.Credentials = cred;
I'm supporting a project where we recently needed to apply a series of upgrades to a newer version of the .Net Framework. This has largely succeeded but for one final component that's been around for a very long time.
Our client uses InfoPath templates to populate information for other users to consume. Everything the templates need comes from a WCF web service we host. We set the web service call up with the following code.
private WSHttpBinding CreateBinding()
{
var wsHttpBinding = new WSHttpBinding();
wsHttpBinding.CloseTimeout = TimeSpan.FromMinutes(10);
wsHttpBinding.OpenTimeout = TimeSpan.FromMinutes(10);
wsHttpBinding.ReceiveTimeout = TimeSpan.FromMinutes(10);
wsHttpBinding.SendTimeout = TimeSpan.FromMinutes(10);
wsHttpBinding.BypassProxyOnLocal = false;
wsHttpBinding.TransactionFlow = false;
wsHttpBinding.HostNameComparisonMode = HostNameComparisonMode.StrongWildcard;
wsHttpBinding.MaxBufferPoolSize = 524288;
wsHttpBinding.MaxReceivedMessageSize = 2147483647;
wsHttpBinding.MessageEncoding = WSMessageEncoding.Text;
wsHttpBinding.TextEncoding = Encoding.UTF8;
wsHttpBinding.UseDefaultWebProxy = true;
wsHttpBinding.AllowCookies = false;
wsHttpBinding.ReaderQuotas.MaxDepth = 32;
wsHttpBinding.ReaderQuotas.MaxStringContentLength = 2147483647;
wsHttpBinding.ReaderQuotas.MaxArrayLength = 16384;
wsHttpBinding.ReaderQuotas.MaxBytesPerRead = 4096;
wsHttpBinding.ReaderQuotas.MaxNameTableCharCount = 16384;
wsHttpBinding.ReliableSession.Ordered = true;
wsHttpBinding.ReliableSession.InactivityTimeout = TimeSpan.FromMinutes(10);
wsHttpBinding.ReliableSession.Enabled = false;
wsHttpBinding.Security.Mode = SecurityMode.TransportWithMessageCredential;
wsHttpBinding.Security.Transport.ClientCredentialType = HttpClientCredentialType.None;
wsHttpBinding.Security.Transport.ProxyCredentialType = HttpProxyCredentialType.None;
wsHttpBinding.Security.Transport.Realm = string.Empty;
wsHttpBinding.Security.Message.ClientCredentialType = MessageCredentialType.UserName;
wsHttpBinding.Security.Message.NegotiateServiceCredential = false;
wsHttpBinding.Security.Message.AlgorithmSuite = SecurityAlgorithmSuite.Basic256;
return wsHttpBinding;
}
private EndpointAddress CreateEndPoint()
{
X509Store store = new X509Store(StoreName.My, StoreLocation.CurrentUser);
store.Open(OpenFlags.ReadOnly);
X509Certificate2 certificate = store.Certificates.Find(X509FindType.FindBySubjectName, "*.wildcard.address.foo", false)[0];
store.Close();
EndpointIdentity identity = EndpointIdentity.CreateX509CertificateIdentity(certificate);
string address = getWcfServiceUrl();
AddressHeader header = AddressHeader.CreateAddressHeader(address);
List<AddressHeader> headerList = new List<AddressHeader> { header };
Uri uri = new Uri(address);
var endpointAddress = new EndpointAddress(uri, identity, headerList.ToArray());
return endpointAddress;
}
}
This works fine and if we're testing it out, calls can be made successfully for all other intents and purposes. Except for one.
In one case we need to get information from a 3rd party resource. In that situation, our web service makes a separate call out to this 3rd party at an HTTPS address (passed in to the url parameter here:
private string requestURL(string url)
{
string toReturn = null;
Stream stream = null;
try
{
HttpWebRequest request = (HttpWebRequest)WebRequest.Create(url);
request.Method = httpMethod;
stream = ((HttpWebResponse)request.GetResponse()).GetResponseStream();
StreamReader reader = new StreamReader(stream);
toReturn = reader.ReadToEnd();
}
catch(Exception e)
{
throw new Exception("Error with that service please try again: " + e.Message, e);
}
finally
{
if(stream != null)
{
stream.Close();
}
}
return toReturn;
}
In this case, the following error is returned:
The request was aborted: Could not create SSL/TLS secure channel.
My suspicion is that we're setting up a very specific set of constraints around the SSL connection between our local client (i.e. InfoPath) and the web service but the call from that web service to the 3rd party is not set up with any constraints beyond simply calling over HTTPS.
What should I be looking out for in trying to fix this issue?
WCF IMHO is particular about configuration at both ends and asks for things like transport credential specifically in the back and forth. I suspect you have no control of how the security is managed at the third party and can't change it, but your generic method to call all web services won't work because the configuration doesn't match.
I get server error when I trying connect to webService. Do you know why?
Error
{System.Collections.Generic.SynchronizedReadOnlyCollection}
Code
BasicHttpBinding basicbinding = new BasicHttpBinding();
basicbinding.Security.Mode = BasicHttpSecurityMode.TransportCredentialOnly;
basicbinding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Basic;
basicbinding.Name = "HTTP_Port";
WSPI.InvoiceCheck_OutClient invoiceCheck_OC = new WSPI.InvoiceCheck_OutClient(basicbinding, new EndpointAddress(new Uri("http://example.example.eu:51200/XISOAPAdapter/MessageServlet?senderParty=&")));
invoiceCheck_OC.ClientCredentials.UserName.UserName = "Login";
invoiceCheck_OC.ClientCredentials.UserName.Password = "Password";
WSPI.InvoiceCheck invoiceCheck = new WSPI.InvoiceCheck();
WSPI.InvoiceCheck_OutRequest invoiceCheck_OR = new WSPI.InvoiceCheck_OutRequest();
WSPI.InvoiceConfirm invoiceCheck_IC = new WSPI.InvoiceConfirm();
invoiceCheck.InvoiceNo = "1000000";
invoiceCheck.IssueDate = "2014-01-01";
invoiceCheck.VatNo = "88090302342";
invoiceCheck.Username = "SuperRafal";
string response = invoiceCheck_OC.InvoiceCheck_Out(invoiceCheck).Response.ToString();
Code working correct there was a problem with link :) Sorry
I have forms application with service reference by using CustomBinding for signing soap request (Only need soap body will be signed). If I try to sign request with private key included pfx wcf client succesfully sign Basic256Sha256Rsa15.
Succesfull case below:
private CustomBinding GetCustomHttpBinding()
{
CustomBinding binding = new CustomBinding();
// Open and Close = 20s
binding.OpenTimeout = new TimeSpan(0, 0, 20);
binding.CloseTimeout = new TimeSpan(0, 0, 20);
// Send and Receive = 300s
binding.SendTimeout = new TimeSpan(0, 5, 0);
binding.ReceiveTimeout = new TimeSpan(0, 5, 0);
// ++ Setting security binding ++
var param = new X509SecurityTokenParameters();
param.X509ReferenceStyle = X509KeyIdentifierClauseType.IssuerSerial;
param.ReferenceStyle = SecurityTokenReferenceStyle.Internal;
param.InclusionMode = SecurityTokenInclusionMode.AlwaysToRecipient;
param.RequireDerivedKeys = false;
var userNameToken = new UserNameSecurityTokenParameters();
userNameToken.InclusionMode = SecurityTokenInclusionMode.AlwaysToRecipient;
var securityElement = new AsymmetricSecurityBindingElement();
securityElement.EnableUnsecuredResponse = true;
securityElement.IncludeTimestamp = true;
securityElement.RecipientTokenParameters = new X509SecurityTokenParameters(X509KeyIdentifierClauseType.IssuerSerial, SecurityTokenInclusionMode.Never);
securityElement.InitiatorTokenParameters = new X509SecurityTokenParameters(X509KeyIdentifierClauseType.IssuerSerial, SecurityTokenInclusionMode.AlwaysToRecipient);
securityElement.DefaultAlgorithmSuite = SecurityAlgorithmSuite.Basic256Sha256Rsa15;
securityElement.SecurityHeaderLayout = SecurityHeaderLayout.Strict;
securityElement.SetKeyDerivation(false);
securityElement.EndpointSupportingTokenParameters.Signed.Add(param);
//securityElement.MessageProtectionOrder = MessageProtectionOrder.SignBeforeEncrypt;
securityElement.MessageSecurityVersion = MessageSecurityVersion.WSSecurity11WSTrust13WSSecureConversation13WSSecurityPolicy12BasicSecurityProfile10;
binding.Elements.Add(securityElement);
// ++ Setting message encoding binding ++
var encodingElement = new TextMessageEncodingBindingElement();
encodingElement.MessageVersion = MessageVersion.Soap12;
encodingElement.WriteEncoding = Encoding.UTF8;
//encodingElement.MaxReadPoolSize = 50000000;
//encodingElement.MaxWritePoolSize = 50000000;
encodingElement.ReaderQuotas.MaxArrayLength = 50000000;
encodingElement.ReaderQuotas.MaxStringContentLength = 50000000;
binding.Elements.Add(encodingElement);
// ++ Setting https transport binding ++
var httpsElement = new HttpsTransportBindingElement();
// Messagge buffer size
httpsElement.MaxBufferSize = 50000000;
httpsElement.MaxReceivedMessageSize = 50000000;
httpsElement.MaxBufferPoolSize = 50000000;
httpsElement.RequireClientCertificate = true;
// Others
httpsElement.UseDefaultWebProxy = true;
binding.Elements.Add(httpsElement);
return binding;
}
And Service Sertificate set as
client.ClientCredentials.ClientCertificate.Certificate=cert;// From pfx file
client.ClientCredentials.ServiceCertificate.DefaultCertificate =serverCert;//from server certificate
I try to sign with my company smart card which is ACS38 smart card. If I use DefaultAlgotihmSuite Basic128 or Basic128Rsa15 then smartCard certificate succesfully sign body elements. I change algorihmsuite Basic256Sha256Rsa15 for requirement then I get KeySet does not exist. In this Smart Card have private key but WCF does not reach that private key.
Is there way to sign to Sign Soap Body with Sha256Rsa on SmartCard ?