Search

Scope: Core (OPC-10000-*) All specs

3 result(s) for userTokenSignature

OPC-10000-4 – OPC Unified Architecture - Part 4: Services

6.1.8 Calculating Signatures used in CreateSession and ActivateSession

ChannelThumbprint | ServerNonce | HASH(ServerCertificate) | HASH(Server ChannelCertificate) | HASH(Client ChannelCertificate) | ClientNonce ClientCertificate UserTokenSignature (see 5.7.3 ) ChannelThumbprint | ServerNonce | HASH(ServerCertificate) | HASH(Server ChannelCertificate) | HASH(ClientCertificate) | HASH(Client ChannelCertificate) | ClientNonce UserCertificate UserTokenSignature ... first validating the signing Certificate using the steps described in 6.1.3 . The ClientSignature and UserTokenSignature shall not be computed until the ServerSignature is validated. For UserTokenSignatures the rules above apply
OPC-10000-4 – OPC Unified Architecture - Part 4: Services

7.40.5 X509IdentityTokens

user. This token shall always be accompanied by a Signature in the userTokenSignature parameter of ActivateSession if required by the SecurityPolicy . The Server should specify a SecurityPolicy for the UserTokenPolicy
OPC-10000-12 – OPC Unified Architecture - Part 12: Discovery and Global Services

9.6.7 FinishRequestToken

AuthorizationService . The UserIdentityToken contains the credentials that the AccessToken will represent. The UserTokenSignature is computed using the channel bound signatures defined in OPC 10000-4 where the ServiceData replaces ... Signature FinishRequestToken ( [in] Guid RequestId [in] String[] RequestedRoles [in] UserIdentityToken UserIdentityToken [in] SignatureData UserTokenSignature [out] String AccessToken [out] DateTime AccessTokenExpiryTime [out] String RefreshToken [out] DateTime RefreshTokenExpiryTime ); Argument Description RequestId