Ok, let me go on describing the discovery process.
My goal is to use VSM 7 API to perform PanTiltZoom actions on the cameras.
In the previous episode I figured out how to get SessionId using SOAP API.
Yet, this SessionId didn't seem to work in the context of doPTZ REST API call.
Well, there's something about security token, which are to be issued for each camera in order to get control over it.
It's a getSecurityToken SOAP call...
And now we enter a field which is pretty poorly documented and it required quite alot of hacking to get through:
SessionId is required to perform the getSecurityToken call, sure.
There's nothing in the docs on how to transfer the SessionId.
Trying to go on without specifying the SessionId throws an exception saying it should be in the request header.
But adding "SessionId:" didn't help - I was still getting the same exception.
At the same time analyzing how the VSM web interface works we figured out the SessionId is transferred in the cookies with the name of "x-ism-sid".
So, same cookies were added to the getSecurityToken request. This didn't help. Still the same exception regarding SessionId missing in the headers.
On, next iteration: "x-ism-sid:" was added to the request header (not the cookies, but header itself) and, it worked!
So... Now I have:
2. Camera UID
3. valid SecurityToken for the camera
I should be ready to do some PTZ on it, right?
But the mistery is now over yet.
According to the documentation I should be doing PUT on this URL:
Ok, I see where the Camere UID goes, but what to do to the SessionId and the SecurityToken?
Somewhere in the documentation examples, not directly related to the PTZ activity it was mentioned that the SecurityToken goes as a token= request parameter. Ok, I've added it to the string:
1. Going without SessionId at all responds with 403 - Forbidden. Message says "Access to the specified resource () has been forbidden.
2. Going with SessionId: in the request header results in 401 - Authentication Required and "Invalid SessionId header"
3. Setting SessionId with "x-ism-sid:" in the header or int the cookies resilts the same as 1.
I feel I'm getting closer to the final goal of my quest, but still have a riddle to solve.
Could someone familiar with this implementation please give me a hand?