Reputation: 13536
Why isn't Opc.Ua.UserIdentity sending the password cleanly to the OPC server?
I have a problem with the UserIdentity(user, password) constructor. My password is 4 characters long. When the password arrives at the server it is 36 characters long. The first 4 characters are my password - the rest is random garbage.
The Opc.Ua.Client.dll & Opc.Ua.Core.dll have version 1.0.238.1.
What is causing this and what can I do to send the password correctly?
UPDATE
ApplicationConfiguration configuration = Helpers.CreateClientConfiguration();
X509Certificate2 clientCertificate = configuration.SecurityConfiguration.ApplicationCertificate.Find();
configuration.CertificateValidator.CertificateValidation += new CertificateValidationEventHandler(CertificateValidator_CertificateValidation);
EndpointDescription endpointDescription = Helpers.CreateEndpointDescription(Url);
EndpointConfiguration endpointConfiguration = EndpointConfiguration.Create(configuration);
endpointConfiguration.OperationTimeout = 300000;
endpointConfiguration.UseBinaryEncoding = true;
ConfiguredEndpoint endpoint = new ConfiguredEndpoint(null, endpointDescription, endpointConfiguration);
BindingFactory bindingFactory = BindingFactory.Create(configuration);
if (endpoint.UpdateBeforeConnect)
{
endpoint.UpdateFromServer(bindingFactory);
endpointDescription = endpoint.Description;
endpointConfiguration = endpoint.Configuration;
}
SessionChannel channel = SessionChannel.Create(
configuration,
endpointDescription,
endpointConfiguration,
bindingFactory,
clientCertificate,
null);
m_Session = new Session(channel, configuration, endpoint);
m_Session.ReturnDiagnostics = DiagnosticsMasks.All;
m_Session.KeepAlive += new KeepAliveEventHandler(Session_KeepAlive);
m_Session.Notification += new NotificationEventHandler(m_Session_Notification);
UserIdentity identity;
if (userName == null || userName.Length == 0)
{
identity = new UserIdentity();
}
else
{
identity = new UserIdentity(userName, password);
}
m_Session.Open("ATF UA client", identity);
log.Debug("Connect ok");
Upvotes: 1
Views: 2104
Answers (1)
Reputation: 3256
The rest is not garbage at all. It shall be the same ServerNonce you sent to the OPC UA Client in the CreateSessionResponse.
According to OPC UA specification the UserIdentityToken encrypted format is :
- Length - Byte[4] => The length of your password
- TokenData - Byte[*] => Your password
- ServerNonce - Byte[*]
The password is 36 bytes long because OPC UA Server mainly use 32bytes ServerNonce and your password is 4 bytes long...
You should also verify that the ServerNonce sent with that UserIdentityToken is the same as the one you provide in your CreateSessionResponse.
Upvotes: 1
Related Questions
- oauth-userinfo endpoint only returning "sub" value in #curity
- Connect to OPCUA server with username and password
- Setting username and role in opcua
- How do I reliably write to a OPC UA server?
- Communicate OPCDA client with OPC UA server
- User Token Type in OPC UA
- OPC UA server client on raspberry pi2
- OPC UA Client - BadCertificateHostNameInvalid - opcfoundation.org
- Opc Ua client documentation
- OPC UA Secure Connection C#