Good Morning,
In the situation where there are inactive OPC UA Clients connected to our OPC UA Server, is there a way to forcibly disconnect these clients (from the server) from something like a "cleanup thread", that runs on the server?
Thank you
Force a client disconnect?
Moderator: uasdkcpp
- Support Team
- Hero Member
- Posts: 3072
- Joined: 18 Mar 2011, 15:09
Re: Force a client disconnect?
Hi,
in OPC UA the server is "passive" and the client is "active" component. As long a client is connected and has a running (activated) session, the server can not drop the connection (except by shuting down the endpoint, but that would drop all other clients as well).
So best protection against misbehaving clients is "not to let them connect" in a fisrt place (e.g. just allow by trusting application's certificate). However within (or before) the session timeout, the server can not close. You could adjust the session livetime, to get rid of the object when not having any activity anymore, however this is global parameter.
in OPC UA the server is "passive" and the client is "active" component. As long a client is connected and has a running (activated) session, the server can not drop the connection (except by shuting down the endpoint, but that would drop all other clients as well).
So best protection against misbehaving clients is "not to let them connect" in a fisrt place (e.g. just allow by trusting application's certificate). However within (or before) the session timeout, the server can not close. You could adjust the session livetime, to get rid of the object when not having any activity anymore, however this is global parameter.
Best regards
Unified Automation Support Team
Unified Automation Support Team
-
- Sr. Member
- Posts: 16
- Joined: 01 Jun 2016, 13:08
Re: Force a client disconnect?
But if for security, you must disconnect a client and not the other.
I could disconnect a client from server initiative with getSessionManager()->getSessionList() and I identify the session with CommonName (a client must authenticate with certificate) and method close().
What about this method ?
I could disconnect a client from server initiative with getSessionManager()->getSessionList() and I identify the session with CommonName (a client must authenticate with certificate) and method close().
What about this method ?
-
- Sr. Member
- Posts: 10
- Joined: 09 May 2017, 10:44
Re: Force a client disconnect?
Hello Franck,
Thank you for your reply.
The reason that I am asking is that either clicking on the "x" in UA Expert, or if UAExpert receives a bad timeout, after connection successfully, means that the sessionClosed() method (in the node manager I think) never gets called. This suggests to me (if I am correct of course), that our OPC UA Server should implement some way to cleanup "missing" OPC UA Clients.
Another possible case is an OPC UA Client, that crashes; this would not necessarily mean the sessionClosed() is called.
Please advise.
Best regards
Thank you for your reply.
The reason that I am asking is that either clicking on the "x" in UA Expert, or if UAExpert receives a bad timeout, after connection successfully, means that the sessionClosed() method (in the node manager I think) never gets called. This suggests to me (if I am correct of course), that our OPC UA Server should implement some way to cleanup "missing" OPC UA Clients.
Another possible case is an OPC UA Client, that crashes; this would not necessarily mean the sessionClosed() is called.
Please advise.
Best regards
- Support Team
- Hero Member
- Posts: 3072
- Joined: 18 Mar 2011, 15:09
Re: Force a client disconnect?
Hi Chris,
you should not add any logic trying to detect sessions that you might close / delete in the server. All that logic is already part of the SDK.
Removing sessions before the lifetime expires is not conform to the OPC UA standard and client should be able to rely on that logic. A server can not distinguish between clients that crashed, clients that did not disconnect gracefully and clients that just have a temporary network issue for example.
The standard covers those scenarios by defining a session lifetime.
You can however change the supported / allowed session lifetime in the ServerConfig.
see https://documentation.unified-automation.com/uasdkcpp/1.8.1/html/L2ServerSdkServerConfig.html#server_config_xml_file_serversettings
you should not add any logic trying to detect sessions that you might close / delete in the server. All that logic is already part of the SDK.
Removing sessions before the lifetime expires is not conform to the OPC UA standard and client should be able to rely on that logic. A server can not distinguish between clients that crashed, clients that did not disconnect gracefully and clients that just have a temporary network issue for example.
The standard covers those scenarios by defining a session lifetime.
You can however change the supported / allowed session lifetime in the ServerConfig.
see https://documentation.unified-automation.com/uasdkcpp/1.8.1/html/L2ServerSdkServerConfig.html#server_config_xml_file_serversettings
Best regards
Unified Automation Support Team
Unified Automation Support Team