Document how to disable Axis replay attack prevention

[bnevis-i]

Conversation from Slack

Juliana Maria ospina
1 month ago
Hi! I am working with Onvif Camera Device Service (https://github.com/edgexfoundry/device-onvif-camera) and follow the guide for the full walkthrough. I tried to manage the camera from edge X UI sending commands like Get Status, and the result was succesful when i tried with the camera of my cellphone. Nevertheless when i try with some Axis cameras, I always get the following error (it doesnt matter which command i try):
"code: 500 , message: request failed, status code: 500, err: {"apiVersion":"v2","message":"error reading DeviceResourece GetStatus for Camera001 -\u003e failed to initialize onvif client for 'Camera001' camera -\u003e failed to initialize Onvif device client -\u003e camera is not available at 192.168.1.9 or it does not support ONVIF services","statusCode":500}"
I used Wireshark to see what was happening and found that the used URI for the POST request is: http://192.168.1.9/onvif/device_service and the answer obtained is HTTP 400 Bad Request. Using in paralel the program "Onvif Device Manager" (which succesfully connects and control the Axis camera), and using wireshark I saw they use a diferent URI for the request: http://192.168.1.9/onvif/services . So considering the error mentioned a Bad Request, it makes me thought that maybe the problem is in the URI. I would like to try changing this URI on the request made by the Onvif Camera Device Service, but i dont know how to change it.
Considering the above, could you please help me either teaching me how to change this URI on the Onvif Camera Device Service or telling me what could be causing the error i got?
Thanks a lot!!! (edited)

Brad Clements
1 month ago
which device discovery method are you using, netscan or ws-discovery? The later method appears to obtain the onvif path from the ws-discovery response returned by the device, as described here (see Xaddrs element). It might be worth using wireshark during the discovery process if you're using ws-discovery. disclaimer - I haven't used edgex yet for anything.

Juliana Maria ospina
28 days ago
Hi Brad! Thanks for answering. I use Wireshark to trace the possible problem and found the solution. Its necessary to disable replay-attack protection in Axis devices. This can be done using web interface: (Setup>SystemOptions>Advanced>PlainConfig>Webservice> "Enable replay attack protection"). Changing this on the camera, the communication between Edge X and Camera works fine, for further explanation of this issue, in the next link is more detail: https://stackoverflow.com/questions/5180192/onvif-authentication-failure-with-axis-p3301-using-onvif-protocol