The UserToken PolicyId is made unique per server instance. (#1663)

* The UserToken PolicyId is made unique per server instance as in the specification.
OPCFoundation · Jan 14, 2022 · 15f1fcb · 15f1fcb
1 parent fa6099b
commit 15f1fcb
Show file tree

Hide file tree

Showing 3 changed files with 7 additions and 17 deletions.
diff --git a/Stack/Opc.Ua.Bindings.Https/Stack/Https/HttpsServiceHost.cs b/Stack/Opc.Ua.Bindings.Https/Stack/Https/HttpsServiceHost.cs
@@ -24,7 +24,6 @@
 using System;
 using System.Collections.Generic;
 using System.Security.Cryptography.X509Certificates;
-using System.Threading.Tasks;
 
 
 namespace Opc.Ua.Bindings

diff --git a/Stack/Opc.Ua.Core/Stack/Server/ServerBase.cs b/Stack/Opc.Ua.Core/Stack/Server/ServerBase.cs
@@ -42,6 +42,7 @@ public ServerBase()
             m_listeners = new List<ITransportListener>();
             m_endpoints = null;
             m_requestQueue = new RequestQueue(this, 10, 100, 1000);
+            m_userTokenPolicyId = 0;
         }
         #endregion
 
@@ -808,7 +809,6 @@ ICertificateValidator certificateValidator
         /// </returns>
         public virtual UserTokenPolicyCollection GetUserTokenPolicies(ApplicationConfiguration configuration, EndpointDescription description)
         {
-            int policyId = 0;
             UserTokenPolicyCollection policies = new UserTokenPolicyCollection();
 
             if (configuration.ServerConfiguration == null || configuration.ServerConfiguration.UserTokenPolicies == null)
@@ -822,25 +822,15 @@ public virtual UserTokenPolicyCollection GetUserTokenPolicies(ApplicationConfigu
 
                 if (String.IsNullOrEmpty(policy.SecurityPolicyUri))
                 {
-                    // ensure each policy has a unique id.
                     if (description.SecurityMode == MessageSecurityMode.None)
                     {
                         // ensure a security policy is specified for user tokens.
-                        clone.SecurityPolicyUri = SecurityPolicies.Basic256;
-                        clone.PolicyId = Utils.Format("{0}", ++policyId);
+                        clone.SecurityPolicyUri = SecurityPolicies.Basic256Sha256;
                     }
-                    else
-                    {
-                        clone.PolicyId = Utils.Format("{0}", policyId++);
-                    }
-
-                    policyId++;
                 }
-                else
-                {
-                    clone.PolicyId = Utils.Format("{0}", policyId++);
-                }
-
+                // ensure each policy has a unique id within the context of the Server
+                clone.PolicyId = Utils.Format("{0}", ++m_userTokenPolicyId);
+
                 policies.Add(clone);
             }
 
@@ -1612,6 +1602,8 @@ private void OnProcessRequestQueue(object state)
         private List<ITransportListener> m_listeners;
         private ReadOnlyList<EndpointDescription> m_endpoints;
         private RequestQueue m_requestQueue;
+        // identifier for the UserTokenPolicy should be unique within the context of a single Server
+        private int m_userTokenPolicyId = 0;
         #endregion
     }
 }
diff --git a/Stack/Opc.Ua.Core/Stack/Tcp/TcpServiceHost.cs b/Stack/Opc.Ua.Core/Stack/Tcp/TcpServiceHost.cs
@@ -13,7 +13,6 @@
 using System;
 using System.Collections.Generic;
 using System.Security.Cryptography.X509Certificates;
-using System.Threading.Tasks;
 
 namespace Opc.Ua.Bindings
 {