The SecurityGroupFolderType is formally defined Table 176.
Table 176– SecurityGroupFolderType definition
|
Attribute |
Value |
||||
|
BrowseName |
SecurityGroupFolderType |
||||
|
IsAbstract |
False |
||||
|
References |
NodeClass |
BrowseName |
DataType |
TypeDefinition |
ModellingRule |
|
Subtype of FolderType defined in OPC 10000-5. |
|||||
|
|
|
|
|
|
|
|
Organizes |
Object |
<SecurityGroupFolderName> |
|
SecurityGroup FolderType |
OptionalPlaceholder |
|
HasComponent |
Object |
<SecurityGroupName> |
|
SecurityGroupType |
OptionalPlaceholder |
|
HasComponent |
Method |
AddSecurityGroup |
Defined in 8.5.2. |
Mandatory |
|
|
HasComponent |
Method |
RemoveSecurityGroup |
Defined in 8.5.3. |
Mandatory |
|
|
HasComponent |
Method |
AddSecurityGroupFolder |
Defined in 8.5.4. |
Optional |
|
|
HasComponent |
Method |
RemoveSecurityGroupFolder |
Defined in 8.5.5. |
Optional |
|
|
HasProperty |
Variable |
SupportedSecurityPolicyUris |
String[] |
PropertyType |
Optional |
|
Conformance Units |
|||||
|
PubSub Model SKS |
|||||
The SecurityGroupFolderType ObjectTypeis a concrete type and can be used directly.
Instances of the SecurityGroupFolderType can contain SecurityGroup Objectsor other instances of the SecurityGroupFolderType. This can be used to build a tree of folderObjectsused to organize the configured SecurityGroups.
The SecurityGroup Objectsare added as components to the instance of the SecurityGroupFolderType. A SecurityGroup Object is referenced only from one folder. If the folder is deleted, all referenced SecurityGroup Objectsare deleted with the folder.
The SupportedSecurityPolicyUris Propertycontains a Stringarray with the SecurityPolicyUrissupported by the SKS. The Property shall be provided at the root SecurityGroupFolder. The default SecurityPolicyUriis the first array element.
This Methodis used to add a SecurityGroupType Objectto the SecurityGroupFolderType Objector to return an existing Objectif the parameters match the configuration of an existing Object.
The Clientshall be authorized to modify the configuration for the SKSfunctionality and shall use at least a signed communication channel when invoking this Methodon the Server.
Signature
AddSecurityGroup(
[in]StringSecurityGroupName,
[in]DurationKeyLifetime,
[in]StringSecurityPolicyUri,
[in]UInt32MaxFutureKeyCount,
[in]UInt32MaxPastKeyCount,
[out]StringSecurityGroupId,
[out]NodeIdSecurityGroupNodeId
);
|
Argument |
Description |
|
SecurityGroupName |
Name of the SecurityGroupto add. |
|
KeyLifetime |
The lifetime of a key in milliseconds. If 0 is passed in, the SKS sets the default KeyLifetime. If the requested value exceeds the limits defined by the SKS, the value is adjusted by the SKS. The caller should get the revised value by reading the KeyLifetimeof the created SecurityGroup. |
|
SecurityPolicyUri |
The SecurityPolicyused for the SecurityGroup. If a null or empty Stringis passed in, the SKS sets the default SecurityPolicyUri. If the SecurityPolicyUriis not known to the SKS, Bad_InvalidArgument shall be returned. |
|
MaxFutureKeyCount |
The maximum number of future keys returned by the Method GetSecurityKeys. If 0 is passed in, the SKS sets the default MaxFutureKeyCount. If the requested value exceeds the limits defined by the SKS, the value is adjusted by the SKS. The caller should get the revised value by reading the MaxFutureKeyCountof the created SecurityGroup. |
|
MaxPastKeyCount |
The maximum number of historical keys stored by the SKS. If the requested value exceeds the limits defined by the SKS, the value is adjusted by the SKS. The caller should get the revised value by reading the MaxPastKeyCountof the created SecurityGroup. |
|
SecurityGroupId |
The identifier for the SecurityGroup. The SecurityGroupIdshall match the SecurityGroupName. |
|
SecurityGroupNodeId |
The NodeIdof the added SecurityGroupType Object. |
Method Result Codes
|
ResultCode |
Description |
|
Bad_NodeIdExists |
A SecurityGroupwith the name already exists but the arguments do not match the existing object. |
|
Good_DataIgnored |
A Objectwith the configuration already exists and was returned without adding a new Object. |
|
Bad_InvalidArgument |
The SecurityPolicyUriis not supported by the SKS. |
|
Bad_UserAccessDenied |
The Sessionuser is not allowed to configure the object. |
|
Bad_SecurityModeInsufficient |
The communication channel is not using signing. |
Table 177specifies the AddressSpacerepresentation for the AddSecurityGroup Method.
Table 177– AddSecurityGroup Method AddressSpace definition
|
Attribute |
Value |
||||
|
BrowseName |
AddSecurityGroup |
||||
|
References |
NodeClass |
BrowseName |
DataType |
TypeDefinition |
ModellingRule |
|
HasProperty |
Variable |
InputArguments |
Argument[] |
PropertyType |
Mandatory |
|
HasProperty |
Variable |
OutputArguments |
Argument[] |
PropertyType |
Mandatory |
|
ConformanceUnits |
|||||
|
PubSub Model SKS |
|||||
This Methodis used to remove a SecurityGroupType Objectfrom the SecurityGroupFolderType Object.
The Clientshall be authorized to modify the configuration for the SKSfunctionality and shall use at least a signed communication channelwhen invoking this Methodon the Server.
See 8.3.2for details on the lifetime of keys previously issued for this SecurityGroup.
Signature
RemoveSecurityGroup(
[in]NodeIdSecurityGroupNodeId
);
|
Argument |
Description |
|
SecurityGroupNodeId |
NodeIdof the SecurityGroupType Object to remove from the Server |
Method Result Codes
|
ResultCode |
Description |
|
Bad_NodeIdUnknown |
The SecurityGroupNodeIdis unknown. |
|
Bad_NodeIdInvalid |
The SecurityGroupNodeIdis not a NodeIdof a SecurityGroupType Object. |
|
Bad_UserAccessDenied |
The Sessionuser is not allowed to delete the SecurityGroupType Object. |
|
Bad_SecurityModeInsufficient |
The communication channel is not using signing. |
Table 178specifies the AddressSpacerepresentation for the RemoveSecurityGroup Method.
Table 178– RemoveSecurityGroup Method AddressSpace definition
|
Attribute |
Value |
||||
|
BrowseName |
RemoveSecurityGroup |
||||
|
References |
NodeClass |
BrowseName |
DataType |
TypeDefinition |
ModellingRule |
|
HasProperty |
Variable |
InputArguments |
Argument[] |
PropertyType |
Mandatory |
|
ConformanceUnits |
|||||
|
PubSub Model SKS |
|||||
This Methodis used to add a SecurityGroupFolderType Objectto a SecurityGroupFolderType Object.
The Clientshall be authorized to modify the configuration for the PubSubfunctionality when invoking this Methodon the Server.
Signature
AddSecurityGroupFolder(
[in]StringName,
[out]NodeIdSecurityGroupFolderNodeId
);
|
Argument |
Description |
|
Name |
Name of the Objectto create. |
|
SecurityGroupFolderNodeId |
NodeIdof the created SecurityGroupFolderType Object. |
Method Result Codes
|
ResultCode |
Description |
|
Bad_BrowseNameDuplicated |
A folder Objectwith the name already exists. |
|
Bad_InvalidArgument |
The Serveris not able to apply the Name. The Namemay be too long or may contain invalid characters. |
|
Bad_UserAccessDenied |
The Sessionuser is not allowed to add a folder. |
Table 179specifies the AddressSpacerepresentation for the AddSecurityGroupFolder Method.
Table 179– AddSecurityGroupFolder Method AddressSpace definition
|
Attribute |
Value |
||||
|
BrowseName |
AddSecurityGroupFolder |
||||
|
References |
NodeClass |
BrowseName |
DataType |
TypeDefinition |
ModellingRule |
|
HasProperty |
Variable |
InputArguments |
Argument[] |
PropertyType |
Mandatory |
|
HasProperty |
Variable |
OutputArguments |
Argument[] |
PropertyType |
Mandatory |
|
ConformanceUnits |
|||||
|
PubSub Model SKS |
|||||
This Methodis used to remove a SecurityGroupFolderType Objectfrom the parent SecurityGroupFolderType Object.
A successful removal of the SecurityGroupFolderType Objectremovesrecursively all contained SecurityGroupType Objectsand all containedSecurityGroupFolderType Objects.
The Clientshall be authorized to modify the configuration for the PubSubfunctionality when invoking this Methodon the Server.
Signature
RemoveSecurityGroupFolder (
[in]NodeIdSecurityGroupFolderNodeId
);
|
Argument |
Description |
|
SecurityGroupFolderNodeId |
NodeIdof the SecurityGroupFolderType Objectto remove from the Server. |
Method Result Codes
|
ResultCode |
Description |
|
Bad_NodeIdUnknown |
The SecurityGroupFolderNodeIdis unknown. |
|
Bad_UserAccessDenied |
The Sessionuser is not allowed to delete the folder. |
Table 180specifies the AddressSpacerepresentation for the RemoveSecurityGroupFolder Method.
Table 180– RemoveSecurityGroupFolder Method AddressSpace definition
|
Attribute |
Value |
||||
|
BrowseName |
RemoveSecurityGroupFolder |
||||
|
References |
NodeClass |
BrowseName |
DataType |
TypeDefinition |
ModellingRule |
|
HasProperty |
Variable |
InputArguments |
Argument[] |
PropertyType |
Mandatory |
|
ConformanceUnits |
|||||
|
PubSub Model SKS |
|||||