Hello,
On xProtect Express+ 2019R1 I was able to successfully pull alarm information from :22331/Central/AlarmService via SOAP 1.1 using the GetAlarmLines as well as the Start(/Get)AlarmLineSession functions. I authenticated to the AlarmService using NTLM. I understand that “AlarmService” (SOAP1.1) is deprecated in newer xProtect releases, so I would like to use AlarmService2.
I am currently having trouble authenticating using the WS-Security as implemented in SOAP 1.2 AlarmServices2. I have attempted to implement the WS-Security tags as indicated in AlarmServices2?WSDL, however I likely have something incorrectly setup as I keep getting the message “Invalid security.” Please see below for the raw SOAP1.2 request and response for the GetStatistics function:
Request:
POST http://esc-msi-vms:22331/Central/AlarmService2 HTTP/1.1
Accept-Encoding: gzip,deflate
Content-Type: application/soap+xml;charset=UTF-8;action=“http://videoos.net/2/CentralServerAlarmCommand/IAlarmCommand/GetStatistics”
Content-Length: 1571
Host: esc-msi-vms:22331
Connection: Keep-Alive
User-Agent: Apache-HttpClient/4.1.1 (java 1.5)
<soap:Envelope xmlns:cen=“http://videoos.net/2/CentralServerAlarmCommand” xmlns:soap=“http://www.w3.org/2003/05/soap-envelope”>
<soap:Header xmlns:wsa=“http://www.w3.org/2005/08/addressing”><wsse:Security xmlns:wsse=“http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd” xmlns:wsu=“http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd”><wsse:UsernameToken wsu:Id=“UsernameToken-983DDB701DF387B12F1590698461034121”>wsse:Usernamedomain\username</wsse:Username><wsse:Password Type=“http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText”>password</wsse:Password><wsse:Nonce EncodingType=“http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary”>3ajjYegrW+qVjPCSv79gUw==</wsse:Nonce>wsu:Created2020-05-28T20:41:01.034Z</wsu:Created></wsse:UsernameToken><wsu:Timestamp wsu:Id=“TS-983DDB701DF387B12F1590698461034120”>wsu:Created2020-05-28T20:41:01.034Z</wsu:Created>wsu:Expires2020-05-28T20:42:01.034Z</wsu:Expires></wsu:Timestamp></wsse:Security>wsa:Actionhttp://videoos.net/2/CentralServerAlarmCommand/IAlarmCommand/GetStatistics</wsa:Action>wsa:MessageIDuuid:c9dd97a0-5768-4306-8600-604286b156e3</wsa:MessageID>wsa:Tohttp://esc-msi-vms:22331/Central/AlarmService2</wsa:To></soap:Header>
<soap:Body wsu:Id=“id-983DDB701DF387B12F1590698461038125” xmlns:wsu=“http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd”>
</soap:Body>
</soap:Envelope>
Response:
HTTP/1.1 500 Internal Server Error
Content-Length: 644
Content-Type: application/soap+xml; charset=utf-8
Server: Microsoft-HTTPAPI/2.0
Date: Thu, 28 May 2020 20:41:01 GMT
<s:Envelope xmlns:s=“http://www.w3.org/2003/05/soap-envelope” xmlns:a=“http://www.w3.org/2005/08/addressing”><s:Header><a:Action s:mustUnderstand=“1”>http://www.w3.org/2005/08/addressing/soap/fault</a:Action><a:RelatesTo>uuid:c9dd97a0-5768-4306-8600-604286b156e3</a:RelatesTo></s:Header><s:Body><s:Fault><s:Code><s:Value>s:Sender</s:Value><s:Subcode><s:Value xmlns:a=“http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd”>a:InvalidSecurity</s:Value></s:Subcode></s:Code><s:Reason><s:Text xml:lang=“en-US”>An error occurred when verifying security for the message.</s:Text></s:Reason></s:Fault></s:Body></s:Envelope>
Perhaps someone knows where the security configuration is incorrect in the request? I have tried creating a basic user instead of the default NTLM user, however basic authentication does not appear to be supported in express+. When configuring the WS-Security settings there was no option for NTLM. I am currently trying this out in SOAPUI, to get my requests sorted out. If someone has an example SOAPUI config that works for AlarmService2, that would be much appreciated.
Thanks,
Adam Wallace