Wrong Password length

There are three UA Stacks available from the OPC Foundation. In our products we use the OPC UA ANSI C Stack. The Java SDK uses the Java Stack.

Moderator: Support Team

Post Reply
induna23
Hero Member
Hero Member
Posts: 23
Joined: 02 Sep 2011, 06:15

Wrong Password length

Post by induna23 »

Hi,

I just tried to connect UAEXpert to my server in UserName/Password mode.
Username : [Admin]
Password : [Admin!121]

The Security settings are "Basic128Rsa15" and Sign"

But my server prints a some junk characters as password and the password length is shown as 128. Because of this the authentication fails.

But if the security settings are "None" and "None", then the password comes right and I am able to print it properly.

What could be the problem ?

Thanks & Regards,
Indu

User avatar
Support Team
Hero Member
Hero Member
Posts: 2519
Joined: 18 Mar 2011, 15:09

Re:Wrong Password length

Post by Support Team »

Hi induna23

from your question I assume that you are implementing a UA server directly based on the UaStack and don't use one of our SDKs.
With an SDK you would not need to care about such details.
See http://doc.unifiedautomation.com/uasdkc ... ation.html

Implementing a server directly on stack level is possible but not recommended.
This requires expert knowledge about OPC UA internals and years of work.

Regarding your question:

For your current problem you need to implement the ActivateSessionRequest yourself, which means you need to evaluate the UserIdentityToken, which is an ExtensionObject.
This can be either of type
* OpcUaId_AnonymousIdentityToken
* OpcUaId_UserNameIdentityToken
* OpcUaId_X509IdentityToken

In the case of the UserNameIdentityToken, the contained password can be encrypted with various encryption algorithms. These are independent of the session's security policy, that's why this structure contains also the used algorithm.
The password you see is padded to 128 and encrypted - that's why you see garbage characters.
You must decrypt it first to see the plain text password.

If this sounds like complete gibberish to you, you should really consider using a SDK.

regards,
Support Team.
Best regards
Unified Automation Support Team

Post Reply