Please see whether I'm right. A company claims that its cameras are Profile T compliant. So I visit this document to see what functions the cameras supports:
https://www.onvif.org/wp-content/uploads/2018/09/ONVIF_Profile_T_Specification_v1-0.pdf
In section 7.2.3 I see the function list for devices. I examine the first one, GetServices with the following command:
curl 192.168.11.92/onvif/device_service -d
'<?xml version="1.0" encoding="utf-8"?>
<soap12:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://www.w3.org/2003/05/soap-envelope">
<soap12:Body>
<GetServices xmlns="Battle of the Bulge, 75 years on" />
</soap12:Body>
</soap12:Envelope>'
The camera responds:
<?xml version="1.0" encoding="UTF-8"?>
<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://www.w3.org/2003/05/soap-envelope" xmlns:SOAP-ENC="http://www.w3.org/2003/05/soap-encoding" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:c14n="Exclusive XML Canonicalization Version 1.0" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:ds="XML-Signature Syntax and Processing" xmlns:tt="http://www.onvif.org/ver10/schema" xmlns:tns1="http://www.onvif.org/ver10/topics" xmlns:xmime="http://www.w3.org/2005/05/xmlmime" xmlns:xop="http://www.w3.org/2004/08/xop/include" xmlns:wsa="WS-Addressing 1.0 Namespace" xmlns:wsrfr="http://docs.oasis-open.org/wsrf/r-2" xmlns:wsrfrw="http://docs.oasis-open.org/wsrf/rw-2" xmlns:wsrfbf="http://docs.oasis-open.org/wsrf/bf-2" xmlns:wstop="http://docs.oasis-open.org/wsn/t-1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsnt="http://docs.oasis-open.org/wsn/b-2" xmlns:dn="http://www.onvif.org/ver10/network/wsdl" xmlns:tan="http://www.onvif.org/ver20/analytics/wsdl" xmlns:tds="http://www.onvif.org/ver10/device/wsdl" xmlns:tev="http://www.onvif.org/ver10/events/wsdl" xmlns:timg="http://www.onvif.org/ver20/imaging/wsdl" xmlns:tptz="http://www.onvif.org/ver20/ptz/wsdl" xmlns:trt="http://www.onvif.org/ver10/media/wsdl" xmlns:tmd="http://www.onvif.org/ver10/deviceIO/wsdl" xmlns:ter="http://www.onvif.org/ver10/error" xmlns:tavg="http://www.avigilon.com/onvif/ver10/avigilon-types" xmlns:tnsavg="http://www.avigilon.com/onvif/ver10/topics" xmlns:avg="http://www.avigilon.com/onvif/ver10/avigilon/wsdl" xmlns:avgb="http://www.avigilon.com/onvif/ver10/avigilon-base/wsdl" xmlns:d="Web Services Dynamic Discovery (WS-Discovery)">
<SOAP-ENV:Body>
<SOAP-ENV:Fault SOAP-ENV:encodingStyle="http://www.w3.org/2003/05/soap-encoding">
<SOAP-ENV:Code>
<SOAP-ENV:Value>
SOAP-ENV:Sender
</SOAP-ENV:Value>
</SOAP-ENV:Code>
<SOAP-ENV:Reason>
<SOAP-ENV:Text xml:lang="en">
Method 'GetServices' not implemented: method name or namespace not recognized
</SOAP-ENV:Text>
</SOAP-ENV:Reason>
</SOAP-ENV:Fault>
</SOAP-ENV:Body>
</SOAP-ENV:Envelope>
It says that the method is not implemented. Whatever I've examined until now got the same response. So I wonder maybe I've some mistakes in my requests.
Three points:
The namspace is wrong: xmlns="Battle of the Bulge, 75 years on". According to the Media 2 Service specs, it shall be http://www.onvif.org/ver20/media/wsdl.
This is not the way you are supposed to discover if a device supports Profile T. You should check if the scope onvif://www.onvif.org/Profile/T is returned by GetScopes or by discovering. A camera may implement Media Service 2 even if it is not Profile T compliant.
The best way to check if the claim of conformance to Profile T is correct, it to check the Declaration of Conformance being uploaded on the ONVIF website.
The correct way to specify the operation is
<wsdl:GetServices xmlns:wsdl="http://www.onvif.org/ver10/device/wsdl">
Reason: your main request,
<GetServices xmlns="Battle of the Bulge, 75 years on" />
is wrong for several reasons.
The most important is that you refer the operation by its local (unqualified) name. The correct name must be qualified, including a namespace. It is usually represented as {http://www.onvif.org/ver10/device/wsdl}GetService, but it must be used as wsdl:GetService
You can not use just any string as namespace; it must be the one that was used when the operation was defined (in this case, in devicemgmt.wsdl is defined as above)
Your definition of the namespace via xmlns is wrong, as it does not secify the namespace, only its value. The namespace used must be defined using the syntax xmlns:<uour namespace short>=<namespace as url>.
The namespace must be defined in the tag where it is used or one of its parents. It is most common to define all namespaces at the topmost level (root node/element)
and will return a list of services present, such as analytics, deviceio, event, etc. If the device supports Profile T, it will have Media2 service present, as below (not that is actually enabled, you need to use GetScopes for that or check the discovery message, as the other poster said)
<tds:Service>
<tds:Namespace>http://www.onvif.org/ver20/media/wsdl</tds:Namespace>
<tds:XAddr>http://10.12.34.56/onvif/media_service</tds:XAddr>
<tds:Version>
<tt:Major>17</tt:Major>
<tt:Minor>12</tt:Minor>
</tds:Version>
</tds:Service>
Related
I am trying to submit a product feed to AWS and I keep getting a generic error related to the XML I am sending
I have gone through all the .xsd files and come up what I believe to be correct xml but apparently not :(
The Error
{
"MessageID": "1",
"ResultCode": "Error",
"ResultMessageCode": "25",
"ResultDescription": "We are unable to process the XML feed because one or more items are invalid. Please re-submit the feed."
}
How I am creating the content
const getContent = (upc) => `<?xml version="1.0" encoding="iso-8859-1"?>
<AmazonEnvelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="amzn-envelope.xsd">
<Header>
<DocumentVersion>1.01</DocumentVersion>
<MerchantIdentifier>${process.env.MERCHANT_ID}</MerchantIdentifier>
</Header>
<MessageType>Product</MessageType>
<Message>
<MessageID>1</MessageID>
<OperationType>Update</OperationType>
<Product>
<SKU>${upc}</SKU>
</Product>
</Message>
</AmazonEnvelope>`
Turns out this just means a value in the xml is malformed. It helped a lot to search the xsd files for the specific variable I was trying to tie a value to and then it provides the restrictions on that value (i.e. AmazonOrderId has a regex validation associated with it that restricts the value to be in the structure of 123-1234567-1234567). After I manually ran through this process for each variable I was able to submit a feed finally but now I have to have an associated OrderAcknowledgement which I am working through.
I am deploying FIWARE security GEs (i.e., Wilma, AuthzForce, Keyrock) in my computer. Security level 2 (Basic Authorization) is working well, but now I need security level 3 (Advanced Authorization) using XACML.
Long story short, I want a tutorial of implementation security level 3. However, as far as I know, any tutorial or document about security level 3 does not exist.
For now, I create my policy with PAP's API, and change 'custom_policy' option in config.js from 'undefined' to 'policy.js'. And then I create 'policy.js' file into 'PEP/policies', but don't change anything compared with its template file because I don't know what this code does exactly. I think I should make XACML Request form using 'xml' variable. But in my case, PEP gives me the error when I make the XACML Request using 'xml' variable, and return this variable. Here is my error of PEP:
Error: Root - Error in AZF communication <?xml version="1.0" encoding="UTF-8" standalone="yes"?><error xmlns="http://authzforce.github.io/rest-api-model/xmlns/authz/S" xmlns:ns2="http://www.w3.org/2005/Atom" xmlns:ns3="http://authzforce.github.io/core/xmlns/pdp/5.0" xmlns:ns4="http://authzforce.github.io/pap-dao-flat-file/xmlns/properties/3.6"><message>Invalid parameters: cvc-elt.1: Cannot find the declaration of element 'Request'.</message></error>
And here is my 'getPolicy' code (XACML Request) in policy.js. I just made very simple request whether response is permit or not because I'm not sure what I'm doing at that time.:
exports.getPolicy = function (roles, req, app_id) {
var xml = xmlBuilder.create('Request', {
'xmlns': 'urn:oasis:names:tc:xacml:3.0:core:schema:wd-17',
'CombinedDecision': 'false',
'ReturnPolicyIdList': 'false'})
.ele('Attributes', {
'Category': 'urn:oasis:names:tc:xacml:1.0:subject-category:access-subject'});
So, anyone can give me any information about implementation of security level 3?
Upgrade to Wilma 6.2 (bug fixing).
Reuse the code from lib/azf.js which is known to work, and adapt the Request content to your needs. The variable is wrongly called XACMLPolicy there, but don't be mistaken, this is an actual XACML Request. This is using xml2json package to convert the JSON to XML, whereas in your code you seem to use a different one, xmlbuilder maybe? You didn't paste the full code - where does this xmlBuilder variable come from? - so I'm just guessing.
If you are indeed using xmlbuilder package and want to stick with it, I notice that in the example using namespaces, the xmlns attribute is put in a different way:
var xmlBuilder = require('xmlbuilder');
var xml = xmlBuilder.create('Request', { encoding: 'utf-8' })
.att('xmlns', 'urn:oasis:names:tc:xacml:3.0:core:schema:wd-17')
.att('CombinedDecision': 'false')
.att('ReturnPolicyIdList': 'false')
.ele('Attributes', {'Category': 'urn:oasis:names:tc:xacml:1.0:subject-category:access-subject'});
Maybe this makes a difference, I didn't check.
Also feel free to create an issue with your question on Wilma's github to get help from the dev team. (I am not one of them but we've worked together for AuthzForce integration.)
The error you are getting is really
Invalid parameters: cvc-elt.1: Cannot find the declaration of element
'Request'.
This is a simple XML validation issue. You need to make sure that the XACML request you send contains the right namespace declaration.
You'll see there is another question on this topic here.
Can you paste your XACML request so we can tell whether it is valid?
I am using Spring Integration in my project. I have the following payload.
<?xml version="1.0" encoding="UTF-8"?>
<PQ>
<PQContact>
<hostAddress>10.193.244.136</hostAddress>
</PQContact>
<workflowStatusComment>
<comment>I am here</comment>
</workflowStatusComment>
</PQ>
I want to extract the tag <workflowStatusComment> i.e workflowStatusComment <comment>I am here</comment></workflowStatusComment> and save it for future purpose. I don't want to use any java code to use the saved tag info in the future. I want to add the saved info to another payload at the end of the execution.I know about header enrichers, but I don't know how to use the saved header enriched values without using java. I have to only use Spring Integration components to manipulate the payload.
The second payload to which I am going to append the saved tag info is here:
<?xml version="1.0" encoding="UTF-8"?>
<PQ>
<PQContact>
<hostAddress>10.193.244.136</hostAddress>
<name>Ashok</name>
<userId>007</userId>
</PQContact>
</PQ>
After appending the saved tag info to the above payload, my final payload should look like the initial payload with some extra information. Something like below:
<?xml version="1.0" encoding="UTF-8"?>
<PQ>
<PQContact>
<hostAddress>10.193.244.136</hostAddress>
<name>Ashok</name>
<userId>007</userId>
</PQContact>
<workflowStatusComment>
<comment>I am here</comment>
</workflowStatusComment>
</PQ>
is there any way?
You can extract that info from the XML using <int-xml:xpath-transformer> or #xpath() SpEL-function.
But you have to share with us what is your "another payload" and how you would like to add this extracted.
Maybe it even better to have some solution with Java and than we consider here how to convert it into Spring Integration XML DSL or similar.
Please, revise your question to make it more clearer.
UPDATE
To insert one XML into another you have to fight a bit javax.xml API.
The code might be something like this:
DocumentBuilder builder = DocumentBuilderFactory.newInstance().newDocumentBuilder();
Document target = builder.parse(new StringBufferInputStream(targetXML));
Element source = builder.parse(new StringBufferInputStream(sourceXML)).getDocumentElement();
target.appendChild(source);
UPDATE 2
But I don't want to use any java code.
Well, if your target XML can represent as a template string you can use standard replaceFirst() in the <transformer> with expression:
String targetXml = "";
<transformer expression="'<?xml version="1.0" encoding="UTF-8"?>
<PQ>
<PQContact>
<hostAddress>10.193.244.136</hostAddress>
<name>Ashok</name>
<userId>007</userId>
</PQContact>
$workflowStatusCommentToken$
</PQ>'.replaceFirst('\\$workflowStatusCommentToken\\$', headers.originalXml)"/>
I'm having issues trying to move a completed envelope into the deleted bin in DocuSign using the REST API. The error I am getting is:
<errorDetails xmlns="http://www.docusign.com/restapi" xmlns:i="http://www.w3.org/2001/XMLSchema-instance">
<errorCode>INVALID_REQUEST_BODY</errorCode>
<message>The request body is missing or improperly formatted. <envelopeMoveRequest xmlns=''> was not expected.</message>
</errorDetails>
Here is the API call I make:
Address: https://www.docusign.net/restapi/v2/accounts/{accountid}/folders/recyclebin Http-Method: PUT
Content-Type: application/xml
Headers: {Content-Type=[application/xml], Accept=[application/xml], X-DocuSign-Authentication=[{"Username":"username","Password":"password","IntegratorKey":"integrator key"}], Context-Length=[31274]}
Payload:
<?xml version="1.0" encoding="UTF-8"?>
<envelopeMoveRequest xmlns="http://www.docusign.com/restapi" xmlns:i="http://www.w3.org/2001/XMLSchema-instance">
<envelopeIds xmlns:d2p1="http://schemas.microsoft.com/2003/10/Serialization/Arrays">
<d2p1:string>EnvelopeId</d2p1:string>
</envelopeIds>
<fromFolderId/>
</envelopeMoveRequest>
I could use some help figuring out how my API call is wrong.
The following just worked for me. Make sure you are not copy/pasting any hidden or extra characters as well:
<envelopeMoveRequest xmlns:i="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://www.docusign.com/restapi">
<envelopeIds xmlns:d2p1="http://schemas.microsoft.com/2003/10/Serialization/Arrays">
<d2p1:string>828a593e-10ae-4e54-bccc-66b5e66a5e81</d2p1:string>
</envelopeIds>
</envelopeMoveRequest>
Usually the corresponding XML for DocuSign requests (when compared to the JSON equivalent) has extra nodes representing individual elements of a collection or array. So in this case try adding an individual node for each envelopeId.
Right now you have:
<envelopeIds>EnvelopeId</envelopeIds>
Try changing to this:
<envelopeIds>
<envelopeId>EnvelopeId</envelopeId>
</envelopeIds>
Our current service has 7 operations. when writing an outbound xquery "local entry" in wso2, we're trying to retrieve the name of the current operation being executed (how can this be so difficult?).
After reading what i could find in wso2's documentation. it appears as if we need to set up both a Property and an Xquery mediator. supposedly the property mediator would pull the value doing something like get-property('OperationName') and then this would be referenced and passed thru the Xquery mediator.
The other idea was that we needed to define it as a variable in the "Local Registry entry definitions" and than it would be around at all parts of the sequence.
I've tried for 2 days but haven't quite got it.
Please tell me what I'm missing...
Did you try the following xquery sample[1]? I modified the query mediator to get the operation name as follows.
<variable xmlns:ax21="http://services.samples/xsd" xmlns:m0="http://services.samples" name="code" expression="get-property('OperationName')" type="STRING" />
this worked fine. I could see the getQuote in the response message.
[1] http://wso2.org/project/esb/java/4.0.2/docs/samples/advanced_mediation_samples.html#Sample390