Is the Nx Cloud up? Visit our Status Page for the current health and performance of the Nx Cloud.

Status Page

using RTSP with bearer authentication

Answered
Eylon Cohen

Hi,
We are currently in the process of upgrading our integration to support Nx Witness 6.1.0.42176. As part of this transition, we are moving away from Digest Authentication toward Bearer Tokens for our RTSP streams, currently using VLC based application.

As mentioned in my comment on [Link to Old Post], we have attempted to implement the "token-as-password" method recently introduced for third-party players, but we are consistently unable to establish a connection.

Our Setup:

  • Site Version: 6.1.0.42176
  • Method: Session token used as password with a hyphen (-) as the username.
  • Security Settings: "Force Secure Connections" is currently disabled for testing.
  • User Permissions: The account has "Extract Video" permissions enabled.

Example URL Tested:

rtsp://-:vms-b1e9ed282c51d2aee9c8e04e8e8ecd1b-PnPZ6bVX61Ab02TTlZAr8T9Oy4UYUL@<SERVER-IP>:7001/b769050d-ab92-3762-cf8e-614414ab37f7?stream=0

The Issues:

  1. VLC: Returns a 401 Unauthorized error immediately. We have verified the token is fresh and valid via the /rest/v4/login/sessions endpoint.
  2. Encoding: We have tried both raw and URL-encoded versions of the token to ensure the special characters aren't breaking the RTSP string parsing.
  3. We've also enabled digest auth temporarily for our user to isolate the authentication problem - which worked just fine.

Questions:

  • Is the "hyphen username" feature fully supported in this specific build, or is a newer patch required?
  • Are there specific global security levels that override the hyphen-token method?

We would appreciate any guidance or logs we should look into to debug why the server is rejecting these credentials.

Best regards, Eylon.

0

Comments

1 comment

Date Votes
  • Official comment
    Sergey Yuldashev
    • Network Optix team

    Hello Eylon Cohen ,

    Is the "hyphen username" feature fully supported in this specific build, or is a newer patch required?

    Due to certain complications it is not going to be delivered under 6.1.0 support and will only be available with 6.2 version.

    Partially because of that the complete depreciation of digest auth was postponed to 6.2 too.

     

    Are there specific global security levels that override the hyphen-token method?

    No, there are not. It is just not supported yet.

    As soon as it is delivered, this option will be covered in one of the public documentation sections.

Please sign in to leave a comment.

Didn't find what you were looking for?

New post