ONVIF authenticating by WS username token

1.     private static void ONVIFAuthenticatingByWSUsernameToken(final String userName, final String password)
2.     {
3.         // A random number value generated with a client uniquely is set
4.         byte[] nonce = new byte[16];
5.         new Random().nextBytes(nonce);
6.  
7.         // Nonce to base64
8.         String nonceBase64 = Base64.encodeToString(nonce, false);
9.  
10.         // Get the current UTC time properly formatted.
11.         final Date currentTime = new Date();
12.         final SimpleDateFormat sdf = new SimpleDateFormat("yyyy-MM-dd'T'hh:mm:ss.SSSZ");
13.         sdf.setTimeZone(TimeZone.getTimeZone("UTC"));
14.         String dt = sdf.format(currentTime);
15.  
16.         byte[] operand = new byte[nonce.length + dt.getBytes().length + password.getBytes().length];
17.         System.arraycopy(nonce, 0, operand, 0, nonce.length);
18.         System.arraycopy(dt.getBytes(), 0, operand, nonce.length, dt.getBytes().length);
19.         System.arraycopy(password.getBytes(), 0, operand, nonce.length + dt.getBytes().length, password.getBytes().length);
20.  
21.         String hashBase64 = Base64.encodeToString(DigestUtils.sha(operand), false);
22.  
23.         String soapHeader =
24.       "<soap:Header>\n" +
25.       "  <Security soap:mustUnderstand=\"1\" xmlns=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd\">\n" +
26.           "    <UsernameToken>\n" +
27.               "      <Username>" + userName + "</Username>\n" +
28.               "      <wsse:Password Type=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wssusername-token-profile-1.0#PasswordDigest\">" + hashBase64 + "</wsse:Password>\n" +
29.               "      <wsse:Nonce >" + nonceBase64 + "</wsse:Nonce>\n" +
30.               "      <Created>" + dt + "</Created>\n" +
31.           "    </UsernameToken>\n" +
32.       "  </Security>\n" +
33.     "</soap:Header>";
34.  
35.         System.out.println(soapHeader);
36.     }