username/password authentication

Questions regarding the use of the .NET SDK 2.0 for Server or Client development or integration into customer products ...

Moderator: uasdknet

Post Reply
peter_g
Jr. Member
Jr. Member
Posts: 1
Joined: 19 Apr 2021, 15:05

username/password authentication

Post by peter_g »

Hi all,

I need to implement username passwort authentication without certificat to access the server (in .Net Core).
I followed the documentation in https://documentation.unified-automation.com/uasdkdotnet/2.5.3/html/L2ServerTutDemoServer.html#DemoServerExampleUserLogon_3

As I understand, I just have to set

Code: Select all

args.IdentityValidationError = StatusCodes.BadIdentityTokenInvalid;
in SessionManager_ImpersonateUser (see the code snippet below) to prevent someone with false credentials from accessing the server.

Unfortunately, it does not have that effect.
I've been looking for a solution for a long time - so far without a solution. Do you have an idea what could be the error here?

Best regards,
Peter

Code: Select all

public class EdnaOpcUaServer : ServerManager, INodeManager
{

    ...

    public EdnaOpcUaServer()
    {
        ednaNodeManager = new EdnaNodeManager(this);
    }

    ...

    protected override void OnRootNodeManagerStarted(RootNodeManager nodeManager)
    {
        ...

        SessionManager.ImpersonateUser += new ImpersonateEventHandler(SessionManager_ImpersonateUser);

        ...
    }

    private async void SessionManager_ImpersonateUser(Session session, ImpersonateEventArgs args)
    {
        var userNameToken = args.NewIdentity as UserNameIdentityToken;

        ...

        var permissionIsOk = await ValidateUserCredentials(userNameToken.UserName, userNameToken.DecryptedPassword);


        if (!permissionIsOk)
        {
            args.IdentityValidationError = StatusCodes.BadIdentityTokenInvalid;

            return;
        }

        args.IdentityValidationError = StatusCodes.Good;
    }

}


public class EdnaOpcUaInitializer : IDisposable, IInitializer
{
    ...

    public EdnaOpcUaInitializer(OpcUaConfig opcUaConfig, EdnaOpcUaServer opcUaServer)
    {
        licenseFileProvider = new LicenseFileProvider();
        LoadLicense();

        baseApplication = new ApplicationInstanceBase { SecurityProvider = new BouncyCastleSecurityProvider() };



        var cfg = new ConfigurationInMemory();

        var endpointSettings = new EndpointSettings()
        {
            Endpoint = new[]
            {
                new UnifiedAutomation.UaSchema.EndpointConfiguration()
                {
                    EndpointUrl = "opc.tcp://localhost:48030",
                    EnableSignOnly = true,
                    DisableSignAndEncrypt = true, 
                    DisableNoSecurity = true, 
                },
            },
        };
        cfg.EndpointSettings = endpointSettings;

        ...

        cfg.ServerSettings = new UnifiedAutomation.UaSchema.ServerSettings()
        {
            ...
            UserIdentity = new UserIdentitySettings()
            {
                EnableAnonymous = false,
                EnableUserName = true,
                EnableCertificate = false,
            }
        };


        ...


        baseApplication.SetApplicationSettings(cfg);

        baseApplication.AutoCreateCertificate = true;
        baseApplication.UntrustedCertificate += (sender, args) => { args.Accept = true;};
    }

}

Post Reply