CAMNET
Client Logon

 

[ camnet logon ]
Each time you start the CAMNET Service Manager client you must enter your credentials to log onto the CAMNET server(s). The first time you do this, specify the following:

username:  admin40
password:  admin40
Once you have set up a user at the System, Users panel, these admin40 credentials are no longer valid. If you forget your user/password, delete the .udb file. The admin40 credentials return as valid. No copy of the password is kept by the CAMNET server; CAMNET uses SRP for authentication and all that is kept is a hash of the password, encrypted in the .udb file. (The client can keep a copy of the logon creds in slc_L.bin, which is an encrypted file; you do not need to keep the password in it, however.)

CAMNET server and its clients connect over an SSL channel (TLS 1.x) by default. This connection is further encrypted, just in case some bad guy has broken your SSL, with a one-time encryption key exchanged using the Secure Remote Password (SRP) prototcol. With SRP there is no possibility of a man-in-the-middle attack even with a self-signed certificate. This is performed for each client log on to the CAMNET server, which happens very often when interacting with CAMNET server. However, if you connect from the client to CAMNET server at 127.0.0.1, an SSL channel is not used, and no further encryption is done to the data transmitted; if your own machine is not secure those measures would not help. You may connect using a LAN address other than the local loop, but generally, to reduce CPU needs when the crypto is simply not necessary -- when CAMNET server and the client are on the same machine -- 127.0.0.1 would be better.

CAMNET server user credentials are stored in c:/camnet/camnetserver/camnetserver.udb. The camnetserver parts of this path are the default; naming the server differently via the -name option switch uses that given name.

To share one user database (it is a regular text file, encrypted) among multiple CAMNET servers, you can redirect .udb access. For example, to place the .udb at c:/camnet/camnet.udb, edit c:/camnet/camnetserver/camnetserver.udb to have the following (plain ASCII characters, not Unicode) lines:

      # user database

         redirect: "..\camnet.udb"
Most CAMNET data files can use this technique, including .cdb (GUID-to-camera user/password), .xdb (access control list), .sdb (schedule selector), and .rdb (recording purge). Of these, the .udb and .cdb are encrypted (the redirect files are not encrypted). The first line is a comment, and can contain any useful text (starting with a #).

The data files are managed by the server. The client does not have direct access to any files except the files in AppData (see below for the location of AppData files). The server can be across the planet from the client. Access to recordings, users, and so on, is only granted by CAMNET server to those authorized access.

CAMNET data files managed by the client are in the logged on user's AppData folder (which is of course on the machine hosting the client, not the server):

%HOMEPATH%\AppData\Local\40th.com\camnetsvcmgr

The camnetsvcmgr.cbn (camera/button) tracks cameras that are known to the server and client, even if the client later removes a camera. The once-removed camera can be restored by selecting it from the menu list at Cam setup, ID panel: the Name field. For some networks, opening this menu list twice is needed before it populates with removed camera names.

The .cbn file contains settings and states that are specific to the current machine (and user account) being used. While it could be copied to another machine, generally each client (machine) will have different settings.

The scp_L.txt stores System panel state. There is a scp_R.txt in the Roaming folder, but it is not currently used.

The slc_L.bin stores the saved logon credentials, including username, and if Remember password was checked, the password last entered.

Recording files are self-contained. No external database is used to access or play a recording.

CAMNET allows for a single admin account (the first account created at System, Users panel, is the admin account). To use a single, running CAMNET Service Manager client to manage multiple CAMNET servers requires all servers to have the same admin. You could start another client instance and log on using different credentials, or exit the client and restart it entering different credentials.