 |
High Performance OPC UA Server SDK
1.2.0.193
|
|
High Performance OPC UA Server SDK
1.2.0.193
|
Allows Clients to specify the identity of the user they are acting on behalf of. More...
#include <useridentitytoken.h>
Data Fields | |
| struct ua_string | policy_id |
Related Functions | |
| void | ua_useridentitytoken_init (struct ua_useridentitytoken *t) |
| Initialize an ua_useridentitytoken struct with a valid value. More... | |
| void | ua_useridentitytoken_clear (struct ua_useridentitytoken *t) |
| Clear all resources alloctated in an ua_useridentitytoken struct. More... | |
| int | ua_useridentitytoken_compare (const struct ua_useridentitytoken *a, const struct ua_useridentitytoken *b) |
| Compare two ua_useridentitytoken structs. More... | |
| int | ua_useridentitytoken_copy (struct ua_useridentitytoken *dst, const struct ua_useridentitytoken *src) |
| Create a copy of a ua_useridentitytoken struct. More... | |
Allows Clients to specify the identity of the user they are acting on behalf of.
The exact mechanism used to identify users depends on the system configuration. The different types of identity tokens are bas ed on the most common mechanisms that are used in systems today.
The Client shall always prove possession of a UserIdentityToken when it passes it to the Server. Some tokens include a secret such as a password which the Server will accept as proof. In order to protect these secrets the Token shall be encrypted before it is passed to the Server. Other types of tokens allow the Client to create a signature with the secret associated with the Token. In these cases, the Client proves possession of a UserIdentityToken by appending the last ServerNonce to the ServerCertificate and uses the secret to produce a Signature which is passed to the Server.
Each UserIdentityToken allowed by an Endpoint shall have a UserTokenPolicy specified in the EndpointDescription. The UserTokenPolicy specifies what SecurityPolicy to use when encrypting or signing. If this SecurityPolicy is omitted, the Client uses the SecurityPolicy in the EndpointDescription. If the matching SecurityPolicy is set to None, no encryption or signature is required. It is recommended that Applications never set the SecurityPolicy to None for UserTokens that include a secret because these secrets could be used by an attacker to gain access to the system.
|
related |
Clear all resources alloctated in an ua_useridentitytoken struct.
Frees allocated memory like arrays and resets numeric values. The ua_useridentitytoken struct itself is not freed and must be freed by the caller if required. This function always succeeds for a valid ua_useridentitytoken struct, that was validly decoded, initilized by ua_useridentitytoken_init or created with ua_useridentitytoken_copy.
|
related |
Compare two ua_useridentitytoken structs.
Compares the content of the ua_useridentitytoken struct a to the content of the ua_useridentitytoken struct b. If a is smaller than b, an integer less than zero is returned, if a is bigger than b, an integer greater than zero is returned. If both structs are equal zero is returned.
This function creates a total order on ua_useridentitytoken structs, so it is well suited to not only determine equality, but also sort multiple instances of this struct.
|
related |
Create a copy of a ua_useridentitytoken struct.
Copy all fields from struct ua_useridentitytoken src to dst. Creates a deep copy so all content is recusively copied and both src and dst can be used and must be freed separately.
dst is not cleared before the copy operation, so it must not have any allocated data. It may or may not be initilized by the caller before copy.
|
related |
Initialize an ua_useridentitytoken struct with a valid value.
After initialization the fields of the struct are set to valid and consistent values and can safley be accessed. An initialized ua_useridentitytoken struct can also be passed to ua_useridentitytoken_compare, ua_useridentitytoken_copy and ua_useridentitytoken_clear. This function will always succeed as long as an ua_useridentitytoken struct is passed to it.