.NET Based OPC UA Client/Server SDK  2.6.1.422
UnifiedAutomation.UaBase.UserIdentityToken Class Reference

Allows Clients to specify the identity of the user they are acting on behalf of.

Inherits UnifiedAutomation.UaBase.IEncodeable.

Inherited by UnifiedAutomation.UaBase.AnonymousIdentityToken, UnifiedAutomation.UaBase.IssuedIdentityToken, UnifiedAutomation.UaBase.UserNameIdentityToken, and UnifiedAutomation.UaBase.X509IdentityToken.

Public Member Functions

 UserIdentityToken ()
 The default constructor.
 
virtual void Encode (IEncoder encoder)
 
virtual void Decode (IDecoder decoder)
 
virtual bool IsEqual (IEncodeable encodeable)
 Checks if encodeable is the same object or has the same content.
 
virtual object Clone ()
 
virtual void Encrypt (X509Certificate2 certificate, byte[] receiverNonce, string securityPolicyUri)
 Encrypts the token (implemented by the subclass).
 
virtual void Decrypt (X509Certificate2 certificate, byte[] receiverNonce, string securityPolicyUri)
 Decrypts the token (implemented by the subclass).
 
virtual SignatureData Sign (byte[] dataToSign, string securityPolicyUri)
 Creates a signature with the token (implemented by the subclass).
 
virtual bool Verify (byte[] dataToVerify, SignatureData signatureData, string securityPolicyUri)
 Verifies a signature created with the token (implemented by the subclass).
 

Properties

string PolicyId [get, set]
 
virtual ExpandedNodeId TypeId [get]
 
virtual ExpandedNodeId BinaryEncodingId [get]
 
virtual ExpandedNodeId XmlEncodingId [get]
 
object UserData [get, set]
 Gets or sets the user data.
 
- Properties inherited from UnifiedAutomation.UaBase.IEncodeable
ExpandedNodeId TypeId [get]
 Returns the UA type identifier for the encodable type.
 
ExpandedNodeId BinaryEncodingId [get]
 Returns the UA type identifier for the default binary encoding for the type.
 
ExpandedNodeId XmlEncodingId [get]
 Returns the UA type identifier for the default XML encoding for the type.
 

Detailed Description

Allows Clients to specify the identity of the user they are acting on behalf of.

The UserIdentityToken class.

The exact mechanism used to identify users depends on the system configuration. The different types of identity tokens are based on the most common mechanisms that are used in systems today.

The Client shall always prove possession of a UserIdentityToken when it passes it to the Server. Some tokens include a secret such as a password which the Server will accept as proof. In order to protect these secrets, the Token shall be encrypted before it is passed to the Server. Other types of tokens allow the Client to create a signature with the secret associated with the Token. In these cases, the Client proves possession of a UserIdentityToken by appending the last ServerNonce to the ServerCertificate and using the secret to produce a Signature, which is passed to the Server.
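The signature-based proof described above, as an added example that is not SDK code: it uses only the .NET cryptography classes, constructed self-signed certificates, and RSA PKCS#1 v1.5 with SHA-256 as an assumed signature algorithm (the real algorithm follows from the SecurityPolicy). The helper names `DataToSign`, `SelfSigned` and `NewNonce` are hypothetical.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

static class PossessionProofDemo
{
    // Bytes covered by the user token signature: ServerCertificate || last ServerNonce.
    static byte[] DataToSign(X509Certificate2 serverCert, byte[] serverNonce) =>
        serverCert.RawData.Concat(serverNonce).ToArray();

    // Constructed self-signed certificate so the example runs offline.
    static X509Certificate2 SelfSigned(RSA key, string subject) =>
        new CertificateRequest(subject, key, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1)
            .CreateSelfSigned(DateTimeOffset.UtcNow.AddDays(-1), DateTimeOffset.UtcNow.AddDays(30));

    static byte[] NewNonce()
    {
        var nonce = new byte[32];
        RandomNumberGenerator.Fill(nonce);
        return nonce;
    }

    static void Main()
    {
        using RSA serverKey = RSA.Create(2048);
        using RSA userKey = RSA.Create(2048);
        using X509Certificate2 serverCert = SelfSigned(serverKey, "CN=Constructed OPC UA Server");
        using X509Certificate2 userCert = SelfSigned(userKey, "CN=Constructed User");

        // Client: sign with the private key that belongs to the user certificate.
        byte[] lastNonce = NewNonce();
        byte[] signature = userKey.SignData(DataToSign(serverCert, lastNonce),
            HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);

        // Server: rebuild the same bytes from its own certificate and the nonce it issued,
        // then verify with the public key taken from the user certificate.
        using RSA userPublicKey = userCert.GetRSAPublicKey();
        bool Check(byte[] nonce) => userPublicKey.VerifyData(DataToSign(serverCert, nonce),
            signature, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);

        Console.WriteLine($"verifies against the nonce it was made for: {Check(lastNonce)}");
        // A signature captured earlier does not verify once the server has issued a new nonce.
        Console.WriteLine($"verifies after the nonce has rotated: {Check(NewNonce())}");
    }
}
```

Because the server certificate is part of the signed bytes, the signature is also bound to one server and does not verify against a different ServerCertificate.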

Each UserIdentityToken allowed by an Endpoint shall have a UserTokenPolicy specified in the EndpointDescription. The UserTokenPolicy specifies what SecurityPolicy to use when encrypting or signing. If this SecurityPolicy is omitted, the Client uses the SecurityPolicy in the EndpointDescription. If the matching SecurityPolicy is set to None, no encryption or signature is required. It is recommended that Applications never set the SecurityPolicy to None for UserTokens that include a secret because these secrets could be used by an attacker to gain access to the system.
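A configuration check for the fallback rule above, as an added example that is not SDK code: it resolves the effective SecurityPolicy of each UserTokenPolicy and reports secret-carrying tokens that end up with None. The `TokenKind`, `TokenPolicy` and `Endpoint` types are hypothetical stand-ins for the endpoint data, the endpoint URLs are constructed, and the two URIs are the standard OPC UA SecurityPolicy URIs.

```csharp
using System;
using System.Collections.Generic;

// Stand-in types for this example only; they mirror the fields discussed above.
enum TokenKind { Anonymous, UserName, Certificate, IssuedToken }
record TokenPolicy(string PolicyId, TokenKind Kind, string SecurityPolicyUri);
record Endpoint(string Url, string SecurityPolicyUri, TokenPolicy[] UserIdentityTokens);

static class UserTokenPolicyAudit
{
    const string None = "http://opcfoundation.org/UA/SecurityPolicy#None";
    const string Basic256Sha256 = "http://opcfoundation.org/UA/SecurityPolicy#Basic256Sha256";

    // An omitted token SecurityPolicy falls back to the endpoint's SecurityPolicy.
    static string EffectivePolicy(Endpoint ep, TokenPolicy tp) =>
        string.IsNullOrEmpty(tp.SecurityPolicyUri) ? ep.SecurityPolicyUri : tp.SecurityPolicyUri;

    // Kinds whose token classes reimplement Encrypt, i.e. the ones that carry a secret.
    static bool CarriesSecret(TokenKind kind) =>
        kind is TokenKind.UserName or TokenKind.IssuedToken;

    static IEnumerable<string> Findings(IEnumerable<Endpoint> endpoints)
    {
        foreach (Endpoint ep in endpoints)
            foreach (TokenPolicy tp in ep.UserIdentityTokens)
                if (CarriesSecret(tp.Kind) && EffectivePolicy(ep, tp) == None)
                    yield return $"{ep.Url}: '{tp.PolicyId}' ({tp.Kind}) would send its secret unencrypted";
    }

    static void Main()
    {
        var endpoints = new[] // constructed endpoint descriptions
        {
            new Endpoint("opc.tcp://plant.example:4840", None, new[]
            {
                new TokenPolicy("anon", TokenKind.Anonymous, null),                   // no secret
                new TokenPolicy("user-inherit", TokenKind.UserName, null),            // inherits None
                new TokenPolicy("user-explicit", TokenKind.UserName, Basic256Sha256), // protected
            }),
            new Endpoint("opc.tcp://plant.example:4841", Basic256Sha256, new[]
            {
                new TokenPolicy("user-inherit", TokenKind.UserName, null),            // inherits Basic256Sha256
                new TokenPolicy("issued-none", TokenKind.IssuedToken, None),          // explicit None
            }),
        };
        foreach (string finding in Findings(endpoints)) Console.WriteLine(finding);
    }
}
```

The check flags both an inherited None (`user-inherit` on the first endpoint) and an explicit None on an otherwise secured endpoint (`issued-none`), which are easy to miss when only the endpoint's own SecurityPolicy is reviewed.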

Constructor & Destructor Documentation

UnifiedAutomation.UaBase.UserIdentityToken.UserIdentityToken ( )
inline

The default constructor.

Member Function Documentation

virtual void UnifiedAutomation.UaBase.UserIdentityToken.Decrypt ( X509Certificate2  certificate,
byte[]  receiverNonce,
string  securityPolicyUri 
)
inline virtual

Decrypts the token (implemented by the subclass).

Reimplemented in UnifiedAutomation.UaBase.IssuedIdentityToken, and UnifiedAutomation.UaBase.UserNameIdentityToken.

virtual void UnifiedAutomation.UaBase.UserIdentityToken.Encrypt ( X509Certificate2  certificate,
byte[]  receiverNonce,
string  securityPolicyUri 
)
inline virtual

Encrypts the token (implemented by the subclass).

Reimplemented in UnifiedAutomation.UaBase.IssuedIdentityToken, and UnifiedAutomation.UaBase.UserNameIdentityToken.

virtual bool UnifiedAutomation.UaBase.UserIdentityToken.IsEqual ( IEncodeable  encodeable)
inline virtual

Checks if encodeable is the same object or has the same content.

virtual SignatureData UnifiedAutomation.UaBase.UserIdentityToken.Sign ( byte[]  dataToSign,
string  securityPolicyUri 
)
inline virtual

Creates a signature with the token (implemented by the subclass).

Reimplemented in UnifiedAutomation.UaBase.IssuedIdentityToken, and UnifiedAutomation.UaBase.X509IdentityToken.

virtual bool UnifiedAutomation.UaBase.UserIdentityToken.Verify ( byte[]  dataToVerify,
SignatureData  signatureData,
string  securityPolicyUri 
)
inline virtual

Verifies a signature created with the token (implemented by the subclass).

Reimplemented in UnifiedAutomation.UaBase.IssuedIdentityToken, and UnifiedAutomation.UaBase.X509IdentityToken.

Property Documentation

string UnifiedAutomation.UaBase.UserIdentityToken.PolicyId
get, set

object UnifiedAutomation.UaBase.UserIdentityToken.UserData
get, set

Gets or sets the user data.

The user data.

