Table 15defines the parameters for the Service.
Table 15– CreateSession Service Parameters
Name |
Type |
Description |
Request |
|
|
requestHeader |
RequestHeader |
Common request parameters. The authenticationTokenis always null. The type RequestHeaderis defined in 7.33. |
clientDescription |
Application Description |
Information that describes the Clientapplication. The type ApplicationDescriptionis defined in 7.2. |
serverUri |
String |
This value is only specified if the EndpointDescriptionhas a gatewayServerUri. This value is the applicationUrifrom the EndpointDescriptionwhich is the applicationUrifor the underlying Server. The type EndpointDescriptionis defined in 7.14. |
endpointUrl |
String |
The network address that the Clientused to access the Session Endpoint. The HostNameportion of the URL should be one of the HostNamesfor the application that are specified in the Server’s ApplicationInstanceCertificate(see 7.3). The Servershall raise an AuditUrlMismatchEventType event if the URL does not match the Server’s HostNames. AuditUrlMismatchEventType event type is defined in OPC 10000-5. The Serveruses this information for diagnostics and to determine the set of EndpointDescriptionsto return in the response. |
sessionName |
String |
Human readable string that identifies the Session. The Servermakes this name and the sessionIdvisible in its AddressSpacefor diagnostic purposes. The Clientshould provide a name that is unique for the instance of the Client. If this parameter is null or empty the Servershall assign a value. |
clientNonce |
ByteString |
A random number that should never be used in any other request. This number shall have a minimum length of 32 bytes. Profiles may increase the required length. The Servershall use this value to prove possession of its Application Instance Certificatein the response. |
clientCertificate |
ApplicationInstance Certificate |
The Application Instance Certificateissued to the Client. The ApplicationInstanceCertificatetype is defined in 7.3. If the securityPolicyUriis None, the Servershall ignore the ApplicationInstanceCertificate. A Clientshall prove possession by using the private key to sign the Nonceprovided by the Serverin the response. For SecureChannelsthat use the Application Instance Certificatethe Servershall verify that this Certificateis the same as the one it used to create the SecureChannel. |
Requested SessionTimeout |
Duration |
Requested maximum number of milliseconds that a Sessionshould remain open without activity. If the Clientfails to issue a Servicerequest within this interval, then the Servershall automatically terminate the Client Session. |
maxResponse MessageSize |
UInt32 |
The maximum size, in bytes, for the body of any response message. The Servershould return a Bad_ResponseTooLargeservice fault if a response message exceeds this limit. The value zero indicates that this parameter is not used. The transport protocols defined in OPC 10000-6may imply minimum message sizes. More information on the use of this parameter is provided in 5.3. |
Response |
|
|
responseHeader |
ResponseHeader |
Common response parameters (see 7.34for ResponseHeadertype). |
sessionId |
NodeId |
A unique NodeIdassigned by the Serverto the Session. This identifier is used to access the diagnostics information for the Sessionin the Server AddressSpace. It is also used in the audit logs and any events that report information related to the Session. The Sessiondiagnostic information is described in OPC 10000-5. Audit logs and their related events are described in 6.5. |
authentication Token |
Session AuthenticationToken |
A unique identifier assigned by the Serverto the Session. This identifier shall be passed in the RequestHeaderof each request and is used with the SecureChannelIdto determine whether a Clienthas access to the Session. This identifier shall not be reused in a way that the Clientor the Serverhas a chance of confusing them with a previous or existing Session. The SessionAuthenticationTokentype is described in 7.36. |
revisedSessionTimeout |
Duration |
Actual maximum number of milliseconds that a Sessionshall remain open without activity. The Servershould attempt to honour the Clientrequest for this parameter, but may negotiate this value up or down to meet its own constraints. |
serverNonce |
ByteString |
A random number that should never be used in any other request. This number shall have a minimum length of 32 bytes. The Clientshall use this value to prove possession of its Application Instance Certificatein the ActivateSessionrequest. This value may also be used to prove possession of the userIdentityTokenit specified in the ActivateSessionrequest. |
serverCertificate |
ApplicationInstance Certificate |
The Application Instance Certificateissued to the Server. A Servershall prove possession by using the private key to sign the Nonceprovided by the Clientin the request. For SecureChannelsthat use the Application Instance Certificatethe Clientshall verify that this Certificateis the same as the one it used to create the SecureChannel. The ApplicationInstanceCertificatetype is defined in 7.3. If the securityPolicyUriis Noneand none of the UserTokenPoliciesrequires encryption, the Clientshall ignore the ApplicationInstanceCertificate. |
serverEndpoints [] |
EndpointDescription |
List of Endpointsthat the Serversupports. The Servershall return a set of EndpointDescriptionsavailable for the serverUrispecified in the request. All Endpointsare returned if the serverUriis null or empty. The EndpointDescriptiontype is defined in 7.14. The Clientshall verify this list with the list from a DiscoveryEndpointif it used a DiscoveryEndpointto fetch the EndpointDescriptions. It is recommended that Serversonly include the server.applicationUri, endpointUrl, securityMode, securityPolicyUri, userIdentityTokens, transportProfileUriand securityLevelwith all other parameters set to null or empty. Only the recommended parameters shall be verified by the Client. |
serverSoftware Certificates [] |
SignedSoftware Certificate |
This parameter is deprecated and the array shall be empty. The SoftwareCertificatesare provided in the Server AddressSpaceas defined in OPC 10000-5. |
serverSignature |
SignatureData |
This is a signature generated with the private key associated with the serverCertificate. This parameter is calculated by appending the clientNonceto the clientCertificateand signing the resulting sequence of bytes. If the clientCertificatecontains a chain, the signature calculation shall be done only with the leaf Certificate. For backward compatibility a Clientshall check the signature with the full chain if the check with the leaf Certificatefails. The SignatureAlgorithmshall be the AsymmetricSignatureAlgorithmspecified in the SecurityPolicyfor the Endpoint. The SignatureDatatype is defined in 7.37. |
maxRequest MessageSize |
UInt32 |
The maximum size, in bytes, for the body of any request message. The Client Communication Stackshould return a Bad_RequestTooLargeerror to the application if a request message exceeds this limit. The value zero indicates that this parameter is not used. See OPC 10000-6for protocol specific minimum or default values. 5.3provides more information on the use of this parameter. |