I need to implement username passwort authentication without certificat to access the server (in .Net Core).
I followed the documentation in https://documentation.unified-automation.com/uasdkdotnet/2.5.3/html/L2ServerTutDemoServer.html#DemoServerExampleUserLogon_3
As I understand, I just have to set
Code: Select all
args.IdentityValidationError = StatusCodes.BadIdentityTokenInvalid;
Unfortunately, it does not have that effect.
I've been looking for a solution for a long time - so far without a solution. Do you have an idea what could be the error here?
Best regards,
Peter
Code: Select all
public class EdnaOpcUaServer : ServerManager, INodeManager
{
...
public EdnaOpcUaServer()
{
ednaNodeManager = new EdnaNodeManager(this);
}
...
protected override void OnRootNodeManagerStarted(RootNodeManager nodeManager)
{
...
SessionManager.ImpersonateUser += new ImpersonateEventHandler(SessionManager_ImpersonateUser);
...
}
private async void SessionManager_ImpersonateUser(Session session, ImpersonateEventArgs args)
{
var userNameToken = args.NewIdentity as UserNameIdentityToken;
...
var permissionIsOk = await ValidateUserCredentials(userNameToken.UserName, userNameToken.DecryptedPassword);
if (!permissionIsOk)
{
args.IdentityValidationError = StatusCodes.BadIdentityTokenInvalid;
return;
}
args.IdentityValidationError = StatusCodes.Good;
}
}
public class EdnaOpcUaInitializer : IDisposable, IInitializer
{
...
public EdnaOpcUaInitializer(OpcUaConfig opcUaConfig, EdnaOpcUaServer opcUaServer)
{
licenseFileProvider = new LicenseFileProvider();
LoadLicense();
baseApplication = new ApplicationInstanceBase { SecurityProvider = new BouncyCastleSecurityProvider() };
var cfg = new ConfigurationInMemory();
var endpointSettings = new EndpointSettings()
{
Endpoint = new[]
{
new UnifiedAutomation.UaSchema.EndpointConfiguration()
{
EndpointUrl = "opc.tcp://localhost:48030",
EnableSignOnly = true,
DisableSignAndEncrypt = true,
DisableNoSecurity = true,
},
},
};
cfg.EndpointSettings = endpointSettings;
...
cfg.ServerSettings = new UnifiedAutomation.UaSchema.ServerSettings()
{
...
UserIdentity = new UserIdentitySettings()
{
EnableAnonymous = false,
EnableUserName = true,
EnableCertificate = false,
}
};
...
baseApplication.SetApplicationSettings(cfg);
baseApplication.AutoCreateCertificate = true;
baseApplication.UntrustedCertificate += (sender, args) => { args.Accept = true;};
}
}