This structure contains security-related diagnostic information about client sessions. Its elements are defined in Table 148. Because this information is security-related, it shall only be accessible by authorised users.
Table 148 – SessionSecurityDiagnosticsDataType Structure
|sessionId||NodeId||Server-assigned identifier of the session.|
|clientUserIdOfSession||String||Name of authenticated user when creating the session.|
|clientUserIdHistory||String||Array containing the name of the authenticated user currently active (either from creating the session or from calling the ActivateSession Service) and the history of those names. Each time the active user changes, an entry shall be made at the end of the array. The active user is always at the end of the array. Servers may restrict the size of this array, but shall support at least a size of 2.
How the name of the authenticated user can be obtained from the system via the information received as part of the session establishment is defined in 6.4.3.
|authenticationMechanism||String||Type of authentication currently used by the session. The String shall be one of the lexical names of the UserIdentityTokenType Enum.|
|encoding||String||Which encoding is used on the wire. The String shall be ‘XML’, ‘JSON’ or ‘UA Binary’.|
|transportProtocol||String||Which transport protocol is used. The String shall be the scheme from the URL used to establish the session. For example, ‘opc.tcp’, ‘opc.wss’ or ‘https’.
The formal protocol URL scheme strings are defined in OPC 10000-6.
|securityMode||MessageSecurityMode||The message security mode used for the session.|
|securityPolicyUri||String||The name of the security policy used for the session.|
|clientCertificate||ByteString||The application instance certificate provided by the client in the CreateSession request.|
Its representation in the AddressSpace is defined in Table 149.
Table 149 – SessionSecurityDiagnosticsDataType Definition