UA Bundle SDK .NET
2.5.2.385
This example shows only the different user authentication mechanisms, including certificate-based authentication; it does not show how to create and trust certificates.
To use authentication with certificates, you need to create a client certificate first. You can test the variant using the file based certificate store out-of-the-box, because an Application Instance Certificate for the ClientGettingStarted application is created automatically when installing the SDK. For simplicity, the example uses this certificate for authentication as well. Example code for creating a certificate to be used in a file based certificate store is described in Certificate Management – Create Certificate.
Furthermore, it is necessary that client and server already trust each other’s certificate. You can use the Simple Connect or the Advanced Connect example and connect with security. Be sure to check the box “Save Certificate in TrustList” when trusting the server’s certificate.
The following dialog shows an example for implementing different types of user authentication. Press the button “Show Code” to display the corresponding code, and the button “Help” to show this documentation page.
The example demonstrates four different authentication settings:
Check the radio button in front of the authentication method of your choice, fill in the required fields, and press “Connect”.
To test the UserName variant, enter the user name “sue” and password “curly” in the respective input fields.
For the X509 (Dir) variant, press the “…” button and select the certificate for the ClientGettingStarted application (see above). The example requires you to select the certificate containing the private key (i.e. the .pfx file, see screenshot). Note that the private key is only used for signing and will not be sent to the server.
To actually establish a connection, client and server have to trust each other’s certificates first (see above).
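The note that the private key is only used for signing can be illustrated as follows. This is an added example, not SDK code or code from this page: it uses only System.Security.Cryptography, assumes RSA with SHA-256 and PKCS#1 v1.5 padding, and follows the OPC UA rule that an X.509 user token is proven by signing the server certificate followed by the server nonce. The class name, method names and both certificates are constructed for illustration.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

static class X509UserTokenProof // hypothetical name, not part of the SDK
{
    // Client side: sign serverCertificate || serverNonce with the user certificate's private key.
    static byte[] SignUserToken(X509Certificate2 userCertWithKey, byte[] serverCertDer, byte[] serverNonce)
    {
        using (RSA privateKey = userCertWithKey.GetRSAPrivateKey())
        {
            byte[] dataToSign = serverCertDer.Concat(serverNonce).ToArray();
            return privateKey.SignData(dataToSign, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
        }
    }

    // Server side: verify with nothing but the public certificate received in the identity token.
    static bool VerifyUserToken(byte[] userCertDer, byte[] signature, byte[] serverCertDer, byte[] serverNonce)
    {
        using (var publicCert = new X509Certificate2(userCertDer))
        using (RSA publicKey = publicCert.GetRSAPublicKey())
        {
            byte[] signedData = serverCertDer.Concat(serverNonce).ToArray();
            return publicKey.VerifyData(signedData, signature, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
        }
    }

    // Constructed test certificate; stands in for the .pfx selected in the dialog.
    static X509Certificate2 CreateSelfSigned(string subject)
    {
        RSA key = RSA.Create(2048);
        var request = new CertificateRequest(subject, key, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
        return request.CreateSelfSigned(DateTimeOffset.UtcNow.AddDays(-1), DateTimeOffset.UtcNow.AddDays(30));
    }

    static void Main()
    {
        X509Certificate2 userPfx = CreateSelfSigned("CN=ConstructedUser");
        byte[] serverCertDer = CreateSelfSigned("CN=ConstructedServer").RawData;
        byte[] serverNonce = new byte[32], staleNonce = new byte[32];
        RandomNumberGenerator.Fill(serverNonce);
        RandomNumberGenerator.Fill(staleNonce);

        byte[] signature = SignUserToken(userPfx, serverCertDer, serverNonce);
        byte[] sentCert = userPfx.RawData; // DER of the public certificate only
        Console.WriteLine("wire copy has private key: " + new X509Certificate2(sentCert).HasPrivateKey);
        Console.WriteLine("valid for this session:    " + VerifyUserToken(sentCert, signature, serverCertDer, serverNonce));
        Console.WriteLine("replayed with other nonce: " + VerifyUserToken(sentCert, signature, serverCertDer, staleNonce));
    }
}
```

Because the signature covers the server's nonce, a captured signature cannot be reused against a later session, and the server never needs anything beyond the public certificate.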
To use the Windows certificate store instead, choose X509 (Store). The fields “Store Path” and “Certificate” are already filled with standard values; change them to your liking. As in the example above, it is necessary to create a certificate for the ClientGettingStarted application first, and client and server have to trust each other’s certificates.
If the checkbox “Use InsecureCredentials EventHandler” is checked, an EventHandler for Session.InsecureCredentials is added. The checkbox is grayed out unless “Use Asynchronous Pattern” is checked, since a dialog will be displayed in this implementation of the EventHandler (see screenshot).
This EventHandler can be used to connect with user name and password to a server although the password is sent insecurely, e.g.
After a successful connect, the user identity is shown in the “Session” tab of the .NET Demo Server GUI (see screenshot).
The user token specific code can be found in the method SetUserToken().
To connect as anonymous user, UserIdentityType has to be set to Anonymous.
To authenticate with user name and password, set the UserIdentityType to UserName.
To authenticate using an X.509 certificate, set the UserIdentityType to Certificate.
UnifiedAutomation.UaBase.SecurityUtils
Implement the EventHandler.
Add the EventHandler to the Session.