The principle of authentication: according to the account password sent by the client, monitor whether it is correct with the account password set by the server
In addition, the password sent by the client is encrypted. For details on how to encrypt it, please refer to the official document. Here, the corresponding function is directly used to compare it with the back-end password. Tested is OK.
If the client enters the wrong account number, or does not fill in it, or writes the wrong password, it can prompt an error.
Client test software: ONVIF Device Manager V2.2.250
int onvif_access_control(struct soap *soap)
{
if (soap == NULL || soap->header == NULL || soap->header->wsse__Security == NULL)
{
printf ("no authentication,refuse it!\n");
return 401;
}
_wsse__Security *pwsse = soap->header->wsse__Security;
struct _wsse__UsernameToken* ptoken = pwsse->UsernameToken;
printf ("Username=%s\n", ptoken->Username);
printf ("Nonce=%s\n", ptoken->Nonce);
printf ("Password=%s\n", ptoken->Password->__item);
printf ("PasswordType=%s\n", ptoken->Password->Type);
printf ("wsu__Created=%s\n", ptoken->wsu__Created);
if (strcmp(ptoken->Username, "admin") != 0)
{
printf("username is fault\r\n");
return 401;
}
const char *password = "audfly2018";
if (soap_wsse_verify_Password(soap,password))
{
soap_wsse_delete_Security(soap);
printf("ERROR Password is fault\r\n");
return 401;
}
soap_wsse_delete_Security(soap);
return SOAP_OK;
}