UA Bundle SDK .NET
2.5.0.378
Allows Clients to specify the identity of the user they are acting on behalf of.
Inherits UnifiedAutomation.UaBase.IEncodeable.
Inherited by UnifiedAutomation.UaBase.AnonymousIdentityToken, UnifiedAutomation.UaBase.IssuedIdentityToken, UnifiedAutomation.UaBase.KerberosIdentityToken, UnifiedAutomation.UaBase.UserNameIdentityToken, and UnifiedAutomation.UaBase.X509IdentityToken.
Public Member Functions
UserIdentityToken ()
    The default constructor.
virtual void Encode (IEncoder encoder)
virtual void Decode (IDecoder decoder)
virtual bool IsEqual (IEncodeable encodeable)
    Checks if encodeable is the same object or has the same content.
virtual object Clone ()
virtual void Encrypt (X509Certificate2 certificate, byte[] receiverNonce, string securityPolicyUri)
    Encrypts the token (implemented by the subclass).
virtual void Decrypt (X509Certificate2 certificate, byte[] receiverNonce, string securityPolicyUri)
    Decrypts the token (implemented by the subclass).
virtual SignatureData Sign (byte[] dataToSign, string securityPolicyUri)
    Creates a signature with the token (implemented by the subclass).
virtual bool Verify (byte[] dataToVerify, SignatureData signatureData, string securityPolicyUri)
    Verifies a signature created with the token (implemented by the subclass).
Properties
string PolicyId [get, set]
virtual ExpandedNodeId TypeId [get]
virtual ExpandedNodeId BinaryEncodingId [get]
virtual ExpandedNodeId XmlEncodingId [get]
object UserData [get, set]
    Gets or sets the user data.
Properties inherited from UnifiedAutomation.UaBase.IEncodeable
ExpandedNodeId TypeId [get]
    Returns the UA type identifier for the encodable type.
ExpandedNodeId BinaryEncodingId [get]
    Returns the UA type identifier for the default binary encoding for the type.
ExpandedNodeId XmlEncodingId [get]
    Returns the UA type identifier for the default XML encoding for the type.
The UserIdentityToken class.
The exact mechanism used to identify users depends on the system configuration. The different types of identity tokens are based on the most common mechanisms that are used in systems today.
The Client shall always prove possession of a UserIdentityToken when it passes it to the Server. Some tokens include a secret such as a password which the Server will accept as proof. In order to protect these secrets, the Token shall be encrypted before it is passed to the Server. Other types of tokens allow the Client to create a signature with the secret associated with the Token. In these cases, the Client proves possession of a UserIdentityToken by appending the last ServerNonce to the ServerCertificate and using the secret to produce a Signature which is passed to the Server.
Each UserIdentityToken allowed by an Endpoint shall have a UserTokenPolicy specified in the EndpointDescription. The UserTokenPolicy specifies what SecurityPolicy to use when encrypting or signing. If this SecurityPolicy is omitted, the Client uses the SecurityPolicy in the EndpointDescription. If the matching SecurityPolicy is set to None, no encryption or signature is required. It is recommended that Applications never set the SecurityPolicy to None for UserTokens that include a secret because these secrets could be used by an attacker to gain access to the system.
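The SecurityPolicy fallback described above can be checked mechanically over a list of endpoints before a Client sends a secret-bearing token. The following C# is an added example, not code from the SDK or from this page: TokenKind, TokenPolicy, Endpoint and UserTokenAudit are hypothetical stand-ins rather than SDK classes, and the sample endpoints are constructed.

```csharp
// Added example, not SDK code: these types are hypothetical stand-ins for the
// EndpointDescription / UserTokenPolicy fields described above.
using System;
using System.Collections.Generic;
using System.Linq;

enum TokenKind { Anonymous, UserName, Certificate, IssuedToken }
record TokenPolicy(string PolicyId, TokenKind Kind, string SecurityPolicyUri);
record Endpoint(string Url, string SecurityPolicyUri, TokenPolicy[] Tokens);

static class UserTokenAudit
{
    public const string None = "http://opcfoundation.org/UA/SecurityPolicy#None";
    public const string Basic256Sha256 = "http://opcfoundation.org/UA/SecurityPolicy#Basic256Sha256";

    // A UserTokenPolicy that omits its SecurityPolicy inherits the endpoint's.
    public static string EffectivePolicy(Endpoint ep, TokenPolicy tp) =>
        string.IsNullOrEmpty(tp.SecurityPolicyUri) ? ep.SecurityPolicyUri : tp.SecurityPolicyUri;

    // Assumption: the secret-bearing kinds are the ones whose token classes
    // reimplement Encrypt on this page (UserName and Issued tokens).
    static bool CarriesSecret(TokenKind k) => k is TokenKind.UserName or TokenKind.IssuedToken;

    // One finding per token policy whose secret would travel unencrypted.
    public static IEnumerable<string> Findings(Endpoint ep) =>
        from tp in ep.Tokens
        where CarriesSecret(tp.Kind) && EffectivePolicy(ep, tp) == None
        select $"{ep.Url}: '{tp.PolicyId}' ({tp.Kind}) is sent without encryption";
}

static class Program
{
    static void Main()
    {
        // Constructed sample endpoints, not taken from a real server.
        var endpoints = new[]
        {
            new Endpoint("opc.tcp://plc-a.example:4840", UserTokenAudit.None, new[]
            {
                new TokenPolicy("anon", TokenKind.Anonymous, ""),
                new TokenPolicy("user-inherit", TokenKind.UserName, ""), // inherits None
                new TokenPolicy("user-own", TokenKind.UserName, UserTokenAudit.Basic256Sha256),
            }),
            new Endpoint("opc.tcp://plc-b.example:4840", UserTokenAudit.Basic256Sha256, new[]
            {
                new TokenPolicy("issued-none", TokenKind.IssuedToken, UserTokenAudit.None),
                new TokenPolicy("cert", TokenKind.Certificate, ""),
            }),
        };
        foreach (var finding in endpoints.SelectMany(ep => UserTokenAudit.Findings(ep)))
            Console.WriteLine(finding);
    }
}
```

A token policy that names its own SecurityPolicy overrides the endpoint's in both directions, so an endpoint secured with Basic256Sha256 can still expose a token policy set to None.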
[inline]
The default constructor.

[inline, virtual]
Decrypts the token (implemented by the subclass).
Reimplemented in UnifiedAutomation.UaBase.IssuedIdentityToken and UnifiedAutomation.UaBase.UserNameIdentityToken.

[inline, virtual]
Encrypts the token (implemented by the subclass).
Reimplemented in UnifiedAutomation.UaBase.IssuedIdentityToken and UnifiedAutomation.UaBase.UserNameIdentityToken.

[inline, virtual]
Checks if encodeable is the same object or has the same content.
Parameters: encodeable
Implements UnifiedAutomation.UaBase.IEncodeable.
Reimplemented in UnifiedAutomation.UaBase.IssuedIdentityToken, UnifiedAutomation.UaBase.KerberosIdentityToken, UnifiedAutomation.UaBase.X509IdentityToken, UnifiedAutomation.UaBase.UserNameIdentityToken, and UnifiedAutomation.UaBase.AnonymousIdentityToken.

[inline, virtual]
Creates a signature with the token (implemented by the subclass).
Reimplemented in UnifiedAutomation.UaBase.IssuedIdentityToken and UnifiedAutomation.UaBase.X509IdentityToken.

[inline, virtual]
Verifies a signature created with the token (implemented by the subclass).
Reimplemented in UnifiedAutomation.UaBase.IssuedIdentityToken and UnifiedAutomation.UaBase.X509IdentityToken.

[get, set]

[get, set]
Gets or sets the user data.
The user data.