Wowza Streaming Engine Digest Auth not working

Hi all,

I have an issue.

I’m having a php backend that interacts with Wowza Streaming Engine REST Api.

I’m using the WOWZA rest api to connect: https://github.com/WowzaMediaSystems/wse-rest-library-php
and also using their example. The wowza auth digest doesn’t work (the default auth), and I don’t know why.

I’m having everything set up: the users in the file, the method set up correctly, yet the server says that I don’t have credentials.

This is the response:

JSON REQUEST to http://localhost:8087/v2/servers/defaultServer/vhosts/defaultVHost/applications/{MY_APP}/instances with verb GET: {“restURI”:“http://localhost:8087/v2/servers/defaultServer/vhosts/defaultVHost/applications/{MY_APP}/instances”,“settings”:{}} RETURN: {“message”:“The request requires user authentication”,“success”:false,“wowzaServer”:“4.7.7”,“code”:“401”} {“message”:“The request requires user authentication”,“success”:false,“wowzaServer”:“4.7.7”,“code”:“401”}

My question is this: why is this not working?

Server.xml

<RESTInterface>
  <Enable>true</Enable>
  <IPAddress>*</IPAddress>
  <Port>8087</Port>
  <!-- none, basic, digest-->
  <AuthenticationMethod>digest</AuthenticationMethod>
  <DiagnosticURLEnable>true</DiagnosticURLEnable>
  <SSLConfig>
    <Enable>false</Enable>
    <KeyStorePath></KeyStorePath>
    <KeyStorePassword></KeyStorePassword>
    <KeyStoreType>JKS</KeyStoreType>
    <SSLProtocol>TLS</SSLProtocol>
    <Algorithm>SunX509</Algorithm>
    <CipherSuites></CipherSuites>
    <Protocols></Protocols>
  </SSLConfig>
  <IPWhiteList>*</IPWhiteList>
  <IPBlackList></IPBlackList>
  <EnableXMLFile>false</EnableXMLFile>
  <DocumentationServerEnable>true</DocumentationServerEnable>
  <DocumentationServerPort>8089</DocumentationServerPort>
  <!-- none, basic, digest-->
  <DocumentationServerAuthenticationMethod>basic</DocumentationServerAuthenticationMethod>
  <Properties>
  </Properties>
</RESTInterface>		

Users are saved in /conf/admin.password

What am I missing? The credentials are correct, because if I switch to basic auth, and call the server with http://{username}:{password}@localhost… works. The issue with the basic auth is that the WEB ui doesn’t work with that auth, so I’m left with either none as auth, or digest, and digest doesn’t work with the library.

Thanks,

Andrei

1 Like

Plain text user/password? Or did you hash them?

Everything is plain.

Should I have hashed the credentials (MD5)?

Also, on basic auth, it’s still plain text e.g. http://admin:admin@localhost:8087/

Kr,

Andrei

Not necessarily, just trying to make sure you aren’t trying to do digest auth vs. digest HTTP auth on accident. Subtle differences! https://www.wowza.com/docs/how-to-change-the-authentication-method-for-the-wowza-streaming-engine-rest-api

I’ll look closer into this see if I can figure out what’s going on.

Hi Amara,

Yes, I have read the docs so many times now, but it’s not that :slight_smile:

The php code that actually does the request to the server is the one from the official REST API:

$ch = curl_init($restURL);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, $verbType);
curl_setopt($ch, CURLOPT_POSTFIELDS, $json);

if ($this->settings->isUseDigest()) {
    curl_setopt($ch, CURLOPT_USERPWD,
        $this->settings->getUsername() . ':' . $this->settings->getPassword());
    curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_DIGEST);
}

curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, [
    'Accept:application/json; charset=utf-8',
    'Content-type:application/json; charset=utf-8',
    'Content-Length: ' . strlen($json),
]);
$contents = curl_exec($ch);
curl_close($ch);

That’s (I suppose) the equivalent of the command line cUrl:

curl --digest -u "username:password" ...

You can also look here http://community.wowza.com/community/questions/7747/user-authentication-problem-via-curl-command.html for an example (it’s the same used).

Thanks,

Kr,

Andrei

What kind of characters are in your passwords? Can you try really basic username/password combinations? I’m wondering if there is an encoding issue.

The pass has no special characters, just plain letters and numbers. I have tried with all accounts, and some accounts with generic passwords, and still, no success.

Kr,

Andrei

Using curl the only way I’m seeing 401 unauthorized is if I have my auth set to something other than digest. Did you restart your server after making your server.xml changes?

Yes, I have restarted it everytime. Changing auth from none to basic to digest works when restarting the service.

The only issue is that with digest option selected, I get the above mentioned result.

Working with tech support to try to get you a better answer. They suggested looking at the readme to see the config.php example - https://github.com/WowzaMediaSystems/wse-rest-library-php

Have you tried that for setting your username and password?

Hi

I did, I’ll paste my config here, but everything is being set up. I’ve replaced my real credentials with dummy ones for this example.

<?php

define("WOWZA_HOST", "http://localhost:8087/v2");
define("WOWZA_SERVER_INSTANCE", "_defaultServer_");
define("WOWZA_VHOST_INSTANCE", "_defaultVHost_");
define("WOWZA_USERNAME", "{MY_USER}");
define("WOWZA_PASSWORD", "{MY_PASSWORD}");

// It is simple to create a setup object for transporting our settings
$setup = new Com\Wowza\Entities\Application\Helpers\Settings();
$setup->setHost(WOWZA_HOST);
$setup->setUsername(WOWZA_USERNAME);
$setup->setPassword(WOWZA_PASSWORD);

// Connect to the server or deal with statistics NOTICE THE CAPS IN COM AND WOWZA
$server = new Com\Wowza\Server($setup);
$sf = new Com\Wowza\Statistics($setup);
$response = $sf->getServerStatistics($server);
var_dump($response);

As you can see, it’s the same default config from their documentation. I can tell you, I have been following their read me / instruction carefully not to have inconsistent data, but still, same thing. And by the same thing I mean, that I have created my own library first for connecting to WOWZA via digest and it didn’t work, and after that I put the official PHP library and the result was the same. So my guessing is that it’s something with the actual auth with digest and not with the library.

We’re having a live event / live streaming on the 22nd of February, and me and my team are trying to figure this thing fast so that we can reach the timelimit for the event.

Thank you,

Kr,

Andrei

So sorry you are still having trouble with this. We will need you to open a support ticket so we can get a complete picture and help figure out what is going on - https://www.wowza.com/support/open-ticket

Ok, thank you.