Search
14 result(s) for UserTokenPolicies
-
OPC-10000-4 – OPC Unified Architecture - Part 4: Services5.5.4.1 DescriptionActivateSession request (see 5.7.3 ). If the securityPolicyUri is None and none of the UserTokenPolicies requires encryption, the Client shall ignore the ApplicationInstanceCertificate . If the securityPolicyUri is not None ... UserTokenPolicies requires encryption, the Server shall include the ApplicationInstanceCertificate in the EndpointDescription . Each EndpointDescription also specifies a URI for the Transport Profile that the Endpoint supports. The Transport Profiles specify
-
OPC-10000-4 – OPC Unified Architecture - Part 4: Services5.7.2.2 Parameterstype is defined in 7.3 . If the securityPolicyUri is None and none of the UserTokenPolicies requires encryption, the Client shall ignore the ApplicationInstanceCertificate . serverEndpoints [] EndpointDescription List of Endpoints that
-
OPC-10000-4 – OPC Unified Architecture - Part 4: ServicesServers publish the Authorization Services (AS) they support in the UserTokenPolicies list return with GetEndpoints . The IssuedTokenType field specifies the protocol used to communicate with the AS. The IssuerEndpointUrl field
-
OPC-10000-4 – OPC Unified Architecture - Part 4: Services7.40.5 X509IdentityTokensSecurityPolicy for any UserTokenPolicy if the Server supports multiple CertificateKeyAlgorithms for SecureChannels and/or UserTokenPolicies . In addition, the Server shall provide a distinct UserTokenPolicy for each CertificateKeyAlgorithm supported. X509IdentityTokens have
-
OPC-10000-4 – OPC Unified Architecture - Part 4: Services7.41 UserTokenPolicyempty. Null or empty are equal. The identifier shall be unique across the UserTokenPolicies assigned by the Server . The Client specifies this value when it constructs a UserIdentityToken that conforms ... based on ECC or RSA_DH are not allowed and Clients shall not use UserTokenPolicies that require encryption with these SecurityPolicies . RSA based SecurityPolicies are allowed, however, the Client shall
-
OPC-10000-6 – OPC Unified Architecture - Part 6: Mappingshandshake is shown in Figure 16 . Figure 16 - ECC CreateSession/ActivateSession Handshake The UserTokenPolicies are returned in the GetEndpoints response. A UserTokenPolicy may specify a SecurityPolicyUri that is different than ... example, an EndpointDescription providing an ECC SecurityPolicyUri does not specify RSA SecurityPolicyUris in the UserTokenPolicies . When a Client calls CreateSession via a SecureChannel based
-
OPC-10000-12 – OPC Unified Architecture - Part 12: Discovery and Global Services5.1 OverviewLocalDiscoveryServer does not support Sessions so information needed for establishing Sessions , such as supported UserTokenPolicies , is not provided. In systems (usually embedded systems) with exactly one Server installed this Server
-
OPC-10000-12 – OPC Unified Architecture - Part 12: Discovery and Global Services7.10.23 ServerEndpointDataTypewith a generated EndpointDescription is rejected. The Server chooses unique values for PolicyIds in UserTokenPolicies when building the EndpointDescriptions . The ReverseConnectUrls are the URLs that the Server connects ... TransportProfileUri. UserTokenSettingNames 0:String[] The names of the UserTokenSettings used to build the UserTokenPolicies that appear in the EndpointDescriptions . ReverseConnectUrls 0:String[] A list of URLs that a Server connects
-
OPC-10000-12 – OPC Unified Architecture - Part 12: Discovery and Global Services9.6.4 AuthorizationServiceTypeHasProperty Variable 2:ServiceCertificate 0:ByteString 0:PropertyType Mandatory 0:HasProperty Variable 2:UserTokenPolicies 0:UserTokenPolicy [] 0:PropertyType Optional 0:HasProperty Variable 2:SupportedRoles 0:String[] 0:PropertyType Optional ... ServiceCertificate and automatically updating the target Server if the ServiceCertificate is revoked. The UserTokenPolicies Property specifies the UserIdentityTokens which are accepted by the RequestAccessToken or FinishRequestToken Methods. The SupportedRoles Property
-
OPC-10000-12 – OPC Unified Architecture - Part 12: Discovery and Global ServicesPolicyId and UserTokenType of the IdentityToken shall match one of the elements of the UserTokenPolicies Property . If the IdentityToken is not provided the Server should use the ApplicationInstanceCertificate and/or ... Result Code Description Bad_IdentityTokenInvalid The IdentityToken does not match one of the allowed UserTokenPolicies . Bad_IdentityTokenRejected The IdentityToken was rejected. Bad_NotFound The ResourceId is not known
-
OPC-10000-12 – OPC Unified Architecture - Part 12: Discovery and Global Services9.6.6 StartRequestTokenrequest for an AccessToken. The PolicyId provided shall identify one of the UserTokenPolicies for the AuthorizationService Object . The contents of the RequestorData and ServiceData depend on the UserTokenType ... This is usually the Server ApplicationUri. PolicyId The PolicyId from an element in the UserTokenPolicies array. RequestorData A value with contents described in Table 149 . ServiceData A value with contents
-
OPC-10000-12 – OPC Unified Architecture - Part 12: Discovery and Global Services9.6.7 FinishRequestTokenexpired. Bad_IdentityTokenInvalid The IdentityToken does not match one of the allowed UserTokenPolicies . Bad_IdentityTokenRejected The IdentityToken was rejected. Bad_UserAccessDenied The current user does not have the rights required
-
OPC-10000-12 – OPC Unified Architecture - Part 12: Discovery and Global Servicesinformation on encoding chains). The IssuerEndpointUrl is the value of the IssuerEndpointUrl in UserTokenPolicies which require the use of the AuthorizationService. The contents of this field depend on the AuthorizationService
-
OPC-10000-14 – OPC Unified Architecture - Part 14: PubSub6.2.5.4 SecurityKeyServicesopcfoundation.org/UA-Profile/Security/UserToken/Server/UserNamePassword" . The KeyCredentialConfigurationType is defined in OPC 10000-12 . The UserTokenPolicies are defined in OPC 10000-4 . ApplicationType CLIENT The array shall be null or empty. TransportProfileUri String