Skip to content

Return BadSessionIdInvalid for wrong-channel CloseSession#1785

Merged
kevinherron merged 1 commit into
mainfrom
ctt/fix/session-multiple-close-session-status
Jul 1, 2026
Merged

Return BadSessionIdInvalid for wrong-channel CloseSession#1785
kevinherron merged 1 commit into
mainfrom
ctt/fix/session-multiple-close-session-status

Conversation

@kevinherron

Copy link
Copy Markdown
Contributor

Summary

Return the CTT-expected BadSessionIdInvalid when CloseSession is sent over a SecureChannel that is not associated with the request's authentication token.

  • Aligns CloseSession handling for active and not-yet-activated sessions with the Session Multiple negative case.
  • Keeps successful CloseSession behavior unchanged when the request arrives on the owning SecureChannel.
  • Adds integration coverage that exercises both CTT branches over real client channels.

Key Changes

  • CloseSession validation: A token found in either the active-session map or created-session map is treated as invalid for CloseSession if it arrives on a different SecureChannel, returning BadSessionIdInvalid instead of BadSecureChannelIdInvalid.
  • Regression coverage: The new integration test verifies wrong-channel close attempts for both an unactivated raw CreateSession response and a fully activated client session, then confirms the request fails as a service fault with the expected status.

Testing

  • mvn -q -pl opc-ua-sdk/integration-tests -am test -Dtest=CloseSessionWrongChannelTest -Dsurefire.failIfNoSpecifiedTests=false
  • mvn -q spotless:apply
  • mvn -q clean compile
  • Preflight review: APPROVED
  • Focused CTT selection was generated and dry-run checked; live CTT rerun was deferred to the serialized train workflow because the demo server endpoint and CTT project are shared resources.

References

  • OPC UA CTT: Session Services / Session Multiple / Err-001.js

@kevinherron kevinherron added this to the 1.1.5 milestone Jul 1, 2026
@kevinherron kevinherron merged commit d8ce491 into main Jul 1, 2026
6 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant