API problem

Answered

December 22, 2021 17:13

I try to send HTTP request with the in-client Nx Witness
But still not work.

I make same test with Postman, and it's work perfectly.

I make many test with James Cox and nothing work.
In NxServer log it is getting 401 which might be to do with the header ... an authentication issue maybe

ERROR CODE :

2021-12-22 14:39:16.415 7bc WARNING QMessageLogContext(0x1c3c1d79348): Failed to execute HTTP action for url "https://192.168.168.47:8443/api/rule/es/disarm/" osErrorCode: 0 HTTP result: 401

I'm available to make your own test, I can give you access.

Best regards,

Comments

19 comments

Norman

Network Optix team

December 22, 2021 18:05 Edited
Hi Jordan,

Have you tried to use Basic Authentication?

A server using HTTP authentication will respond with a 401 Unauthorized response to a request for a protected resource. This response must include at least one WWW-Authenticate header and at least one challenge, to indicate what authentication schemes can be used to access the resource (and any additional data that each particular scheme needs).

So the reason could be found in the header of the response.
0
Jordan IUNCKER

December 23, 2021 07:48
Norman

Yes already test with Basic.
But we can't insert ID:PW@ in the url.

Nx don't support it.
0
Norman

Network Optix team

December 23, 2021 10:46
Hi Jordan IUNCKER,

The screenshot shows that you duplicated the credentials.

If you do it like this, it works just fine:
1. Paste API call here.
2. Add the credentials here.
0
Jordan IUNCKER

December 23, 2021 10:52
Hi Norman

The screenshot show it's just and example with credentials in URL not work.
I already test that and don't work.

Please, I make all test already with James Cox.
You can connect to my system right now if you want test it.
Regards,
0
Norman

Network Optix team

December 23, 2021 13:04
Hi Jordan IUNCKER,

I would ask the supplier of the device you're sending the API why the failure exists.
Nx Witness 4.2 can send an HTTP request with basic digest without any issue.

Since you receive an HTTP 4.1 error notification, it is clear that there is an authentication error.
I noticed in the Postman screenshot, that 9 headers were used. So maybe some information in the header is missing when you send the request through Nx as I mentioned before. If so, HERE you can find some information about how to add the header to an HTTP request through JSON.

I would use Wireshark to capture the event with Postman en do it again with Nx and check for the differences.
0
Jordan IUNCKER

December 23, 2021 17:13
Hi Norman

Can you open a ticket ?
I can send you more screenshot & information about the problem.
And fews screenshot from the supplier of the device.

Supplier use too NX, and have same issues.

About 9 Headers, it's default headers, I don't add anything in postman :
About add header to an HTTP request, I don't really understand how I can add the authentification ?

If you want make some test, I can give you access. And you can't test it & check it with Wireshark.
0
Jordan IUNCKER

December 23, 2021 17:51 Edited
I found in postman the full code with the header :

Any solution so ?

Norman
0

Jordan IUNCKER

December 24, 2021 08:49

Hi Norman

Screenshot from the supplier of the device :

And tracelog from the supplier... He test too and not work

john@250vlan60:/opt/networkoptix/mediaserver/var/log
$tail -f ./log_file.log | grep HTTP
2021-12-23 13:53:47.774   1994 WARNING QMessageLogContext(0x7f36282aa068): Failed to execute HTTP action for url  "https://10.200.183.50:8443/api/board/io/relay/" osErrorCode: 0 HTTP result: 401
2021-12-23 13:53:51.798   1993 WARNING QMessageLogContext(0x7f361c018118): Failed to execute HTTP action for url  "https://10.200.183.50:8443/api/rule/es/disarm/" osErrorCode: 0 HTTP result: 401
2021-12-23 13:53:54.123   1998 WARNING QMessageLogContext(0x7f3608009078): Failed to execute HTTP action for url  "https://10.200.183.50:8443/api/rule/es/disarm/" osErrorCode: 0 HTTP result: 401
2021-12-23 13:55:31.801   1994 WARNING QMessageLogContext(0x7f3628046c28): Failed to execute HTTP action for url  "https://10.200.183.50:8443/api/rule/es/disarm/" osErrorCode: 0 HTTP result: 401
2021-12-23 13:55:33.801   1993 WARNING QMessageLogContext(0x7f361c008818): Failed to execute HTTP action for url  "https://10.200.183.50:8443/api/board/io/relay/" osErrorCode: 0 HTTP result: 401
2021-12-23 13:55:34.739   1993 WARNING QMessageLogContext(0x7f361c009b38): Failed to execute HTTP action for url  "https://10.200.183.50:8443/api/rule/es/disarm/" osErrorCode: 0 HTTP result: 401
2021-12-23 13:55:39.153   1999 WARNING QMessageLogContext(0x7f361027fff8): Failed to execute HTTP action for url  "https://10.200.183.50:8443/api/rule/es/disarm/" osErrorCode: 0 HTTP result: 401
2021-12-23 13:55:39.745   1997 WARNING QMessageLogContext(0x7f3618008368): Failed to execute HTTP action for url  "https://10.200.183.50:8443/api/board/io/relay/" osErrorCode: 0 HTTP result: 401
2021-12-23 13:55:40.432   1998 WARNING QMessageLogContext(0x7f3608018ec8): Failed to execute HTTP action for url  "https://10.200.183.50:8443/api/rule/es/disarm/" osErrorCode: 0 HTTP result: 401

Norman

Network Optix team

December 24, 2021 09:01
Hi Jordan IUNCKER,

Checking the logs, especially on the INFO level, will reveal the same information as you already got.

As said, I would use Wireshark to capture the event with Postman en do it again with Nx and check for the differences.
0
Jordan IUNCKER

December 24, 2021 09:05
Hi Norman

Yes I understand you would use Wireshark, but can you connect to my system to do it ?
It's really urgent.. We need only solve this problem to finish a project....
0
Jordan IUNCKER

December 24, 2021 09:55
Hi Norman

I capture event with Postman & Nx
You can download it : https://we.tl/t-xdn2Trzzos
0
Norman

Network Optix team

December 24, 2021 10:03
Hi Jordan IUNCKER,

Both files do not contain the HTTP request from server to camera.
0
Jordan IUNCKER

December 24, 2021 10:16
Norman

Can you connect to help me ?

I only apply the filter "dst host" but wireshark find only TCP... I don't see any HTTP request
0
Julien ROMANO

January 25, 2022 15:50
Jordan IUNCKER

I've same issue to control AI box

I'm pretty sure that the httpS certificate of AI box that Nx is not enable to auto accept
0
Norman

Network Optix team

January 25, 2022 17:21
Hi Julien ROMANO,

Sequrinet allows only Bearer authorization, if it detects Mozilla/5.0 in the user agent, and does not allow to use basic or digest auth for Nx Witness.
```
Request Headers
User-Agent: Nx Witness/4.2.0.34214 (Network Optix) Mozilla/5.0 (Windows NT 6.1; WOW64)
Authorization: Basic bnhhZG1pbjpueDEzNTc5
Content-Type: application/json
Postman-Token: 13fbb5cd-8b46-48f0-8246-20cea58a71fb
Host: 222.112.8.228:7443
Connection: keep-alive
Content-Length: 23

▶Response Headers
Server: nginx
Date: Mon, 17 Jan 2022 13:54:45 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 19
Connection: keep-alive
WWW-Authenticate: Bearer realm="Authentication Required"
```
Setting user agent to "User-Agent: Nx Witness/4.2.0.34214 (Network Optix) Mozilla/5.0 (Windows NT 6.1; WOW64)" in Postman or curl will trigger the same issue. At this point it doesn't look like we can provide a workaround for this issue and this should be fixed in the AI box.

We additionally discussed this situation with our dev team, and we simply cannot remove the Mozilla header as the user agent as a lot of security software like the Web Application Firewall might block requests with an unknown user agent. This was added intentionally to make sure the firewall wouldn't block our requests, and we've never had any issues with that over the last couple of years. On another hand, this doesn't conflict with any standard specification, as RFC states that this field can be used only for statistical purposes. In addition to that, nowadays most of the developers aiming to anonymization of personal data, so even Chrome browser would send "Mozilla" in user-agent.

If you reach out to your supplier of the AI boxes, there should be a solution available.
0
Visus Support

January 27, 2022 15:35
Hello Julien ROMANO,

I am currently having the exact same difficulty with the AI-Box, where I need to use NxWitness to send an HTTP request to the AI-Box, but it appears to demand that the header "User-Agent" be set to "Client Application" and refuses all request with different header.

Were you able to find any workaround?

I am currently sending an email to Sequrinet to request that there is at least an option to accept ANY HTTP requests and not only the ones with "Client Application" header.

My scenario: I need to have 5 digital inputs triggers on the AI-Box, but the AI-Box only has 4 physical DI's.
My workaround: Get a ADAM I/O module, and use the 5+ inputs to trigger NxWitness which in turn will send a VirtualTrigger to AIBox

Note: The reason I need to do such a complex workaround is due to multiple limitations on the camera side.
0
Norman

Network Optix team

January 27, 2022 15:58
Hi Visus Support,

Sequrinet should be able to offer you new firmware that resolves the issue.
0
Visus Support

January 28, 2022 10:27
Hi Norman,

Can you point me to a contact address which can provide me the new firmware that resolves the issue. My current contact window does not seem to know anything about this...
0
Norman

Network Optix team

January 28, 2022 12:38
Hi Visus Support,

Unfortunately, I only have this from hearsay.

Hi Jordan IUNCKER,

Can you drop a name for our Portuguese reseller?
0

Please sign in to leave a comment.

API problem

Comments

Didn't find what you were looking for?