You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I report something that can be interpreted as a bug.
In Stack/SErver/ServerBase.Cs, we found GetUserTokenPolicies that returns the policies linked to the different endpoints.
protected virtual UserTokenPolicyCollection GetUserTokenPolicies(ApplicationConfiguration configuration, EndpointDescription description)
{
UserTokenPolicyCollection policies = new UserTokenPolicyCollection();
if (configuration.ServerConfiguration == null || configuration.ServerConfiguration.UserTokenPolicies == null)
{
return policies;
}
foreach (UserTokenPolicy policy in configuration.ServerConfiguration.UserTokenPolicies)
{
// ensure a security policy is specified for user tokens.
if (description.SecurityMode == MessageSecurityMode.None)
{
if (String.IsNullOrEmpty(policy.SecurityPolicyUri))
{
UserTokenPolicy clone = (UserTokenPolicy)policy.MemberwiseClone();
clone.SecurityPolicyUri = SecurityPolicies.Basic256;
policies.Add(clone);
continue;
}
}
policies.Add(policy);
}
// ensure each policy has a unique id.
for (int ii = 0; ii < policies.Count; ii++)
{
if (String.IsNullOrEmpty(policies[ii].PolicyId))
{
policies[ii].PolicyId = Utils.Format("{0}", ii);
}
}
return policies;
}
My problem is in the case you have multiple endpoints and you are using the 3 token types : Anonymous, UserName and Certificate. In the config you precise nothing for the UserTokenPolicies :
You will have two Tokens with the same id and two SecurityPolicyUri different. One with SecurityPolicies.Basic256, the other null which is not allowed by the OPCUA specification.
I correct by addind an offset for the case of description.SecurityMode == MessageSecurityMode.None :
protected virtual UserTokenPolicyCollection GetUserTokenPolicies(ApplicationConfiguration configuration, EndpointDescription description)
{
UserTokenPolicyCollection policies = new UserTokenPolicyCollection();
if (configuration.ServerConfiguration == null || configuration.ServerConfiguration.UserTokenPolicies == null)
{
return policies;
}
foreach (UserTokenPolicy policy in configuration.ServerConfiguration.UserTokenPolicies)
{
// ensure a security policy is specified for user tokens.
if (description.SecurityMode == MessageSecurityMode.None)
{
if (String.IsNullOrEmpty(policy.SecurityPolicyUri))
{
UserTokenPolicy clone = (UserTokenPolicy)policy.MemberwiseClone();
clone.SecurityPolicyUri = SecurityPolicies.Basic256;
policies.Add(clone);
continue;
}
}
policies.Add(policy);
}
// ensure each policy has a unique id.
int policyIdOffset = 0;
if (description.SecurityMode == MessageSecurityMode.None):
policyIdOffset = 3;
for (int ii = 0; ii < policies.Count; ii++)
{
if (String.IsNullOrEmpty(policies[ii].PolicyId))
{
policies[ii].PolicyId = Utils.Format("{0}", ii+ policyIdOffset);
}
}
return policies;
}
Best Regards :)
The text was updated successfully, but these errors were encountered:
Hello guys,
I report something that can be interpreted as a bug.
In Stack/SErver/ServerBase.Cs, we found GetUserTokenPolicies that returns the policies linked to the different endpoints.
My problem is in the case you have multiple endpoints and you are using the 3 token types : Anonymous, UserName and Certificate. In the config you precise nothing for the UserTokenPolicies :
In this case because of
You will have two Tokens with the same id and two SecurityPolicyUri different. One with SecurityPolicies.Basic256, the other null which is not allowed by the OPCUA specification.
I correct by addind an offset for the case of description.SecurityMode == MessageSecurityMode.None :
Best Regards :)
The text was updated successfully, but these errors were encountered: