Hi,
For instance, client_A and client_B want to connect to my OPC UA server. Both of them can be login. But, I want to give permission only one of them to see modelerObjects. The only client_A can read and monitor my variables.
Could you show a start point for me to do this purpose?
Thanks
Best Regards
How can I manage my clients
Moderator: uasdkcpp
-
Support Team
- Hero Member
- Posts: 3068
- Joined: 18 Mar 2011, 15:09
Re: How can I manage my clients
Hello seydimihmanli,
you can setup permissions for every UA operation (read, write, browse, call method...) and with that control if a Node is visible at all for a certain session and what operations are allowed.
Setting up these permissions can be done per namespace or for each single Node or a combination of both (define default permissions for a namespace and override that for some Nodes).
Step 1 - Configure permissions:
Configure permissoins for specific roles. You can use the predefined roles (WellKnownroles) like Operator, Observer, Anonymous, Supervisor,... or define you own roles.
e.g. in NamespaceA Oberservers can just browse and Operators can Browse, Read and Write values.
Step 2 - Define mapping rules:
When a client creates a session define which roles are assigned to that session. The decision can be base on the identity (e.g. username) or on the client application (applicationUri) or on the endpoint the client used to connect (see. Specification Part5 Annex F).
You find an example for that in DemoServer. Reading here is a good starting point:
http://documentation.unified-automation ... moServer_1
you can setup permissions for every UA operation (read, write, browse, call method...) and with that control if a Node is visible at all for a certain session and what operations are allowed.
Setting up these permissions can be done per namespace or for each single Node or a combination of both (define default permissions for a namespace and override that for some Nodes).
Step 1 - Configure permissions:
Configure permissoins for specific roles. You can use the predefined roles (WellKnownroles) like Operator, Observer, Anonymous, Supervisor,... or define you own roles.
e.g. in NamespaceA Oberservers can just browse and Operators can Browse, Read and Write values.
Step 2 - Define mapping rules:
When a client creates a session define which roles are assigned to that session. The decision can be base on the identity (e.g. username) or on the client application (applicationUri) or on the endpoint the client used to connect (see. Specification Part5 Annex F).
You find an example for that in DemoServer. Reading here is a good starting point:
http://documentation.unified-automation ... moServer_1
Best regards
Unified Automation Support Team
Unified Automation Support Team