Avatar

Please consider registering
guest

sp_LogInOut Log In sp_Registration Register

Register | Lost password?
sp_Search Search
Advanced Search
Advanced Search

— Forum Scope —




— Match —





— Forum Options —





Minimum search word length is 3 characters - maximum search word length is 84 characters

sp_Search Search
Go to Bottom
No permission to create posts
sp_Feed Topic RSS sp_TopicIcon
Security Policy/Message Security Questions
May 6, 2013
19:45, EEST
Avatar
TimK
Member
Members
Forum Posts: 41
Member Since:
June 27, 2012
sp_UserOfflineSmall Offline
Go to Top
1sp_Permalink sp_Print

I’m working on security configuration. I’m planning to support None, Basic128Rsa15, and Basic256 policies, and None, Sign, and Sign&Encrypt message modes.
By default, I’m passing all nine combinations of those three to server.setSecurityModes(), and that seems to work okay, although I’m using None/None on the client.

When I change the server configuration to remove None from both lists, and change the client side configuration to Basic128/SignAndEncrypt, I’m seeing a problem when I try to connect with UA Expert:
2013-05-06 15:41:28,560[Non-Blocking-Work-Executor-7] INFO – UATcpServer(/127.0.0.1:52520): /127.0.0.1:43827 connected
2013-05-06 15:41:28,562 [Non-Blocking-Work-Executor-1] WARN – Security policy “http://opcfoundation.org/UA/SecurityPolicy#None” is not supported by the endpoint
2013-05-06 15:41:28,562 [Non-Blocking-Work-Executor-1] INFO – org.opcfoundation.ua.common.ServiceResultException: Bad_SecurityPolicyRejected (code=0x80550000, description=”Security policy “http://opcfoundation.org/UA/SecurityPolicy#None” is not supported by the endpoint”)

It looks like UA Expert is still trying to connect with None. I’ve tried creating a new server in UA Expert, and also different combinations of policy/message security, and I still get this error. Do you see this problem, too, or am I doing something wrong with the client?

May 7, 2013
6:57, EEST
Avatar
Jouni Aro
Moderator
Moderators
Forum Posts: 1009
Member Since:
December 21, 2011
sp_UserOfflineSmall Offline
sp_UserWebsite
Go to Top
2sp_Permalink sp_Print

Yes this is a known problem with the current Java stack. If you disable None-security, the getEndpoints() service, which is done without security to find out the available endpoints, will also fail.

This will be fixed in the new Java stack 1.02, which is already available from the OPC Foundation and we are preparing a beta release of the SDK based on the new stack as well.

If you send email to our support, I can provide you a “preliminary beta” version of the SDK for testing.

No permission to create posts
sp_Feed All RSS
Go to top
Forum Timezone: Europe/Helsinki

Most Users Ever Online: 518

Currently Online:
14 Guest(s)

Currently Browsing this Page:
1 Guest(s)

Top Posters:

hbrackel: 135

pramanj: 86

Francesco Zambon: 81

rocket science: 77

ibrahim: 75

Sabari: 62

kapsl: 57

gjevremovic: 49

Xavier: 43

fred: 41

Member Stats:

Guest Posters: 0

Members: 681

Moderators: 16

Admins: 1

Forum Stats:

Groups: 3

Forums: 15

Topics: 1467

Posts: 6259

Newest Members:

DonaldPooma, fidelduke938316, Jan-Pfizer, DavidROunc, fen.pang@woodside.com, aytule, rashadbrownrigg, christi10l, ahamad1, Flores Frederick

Moderators: Jouni Aro: 1009, Otso Palonen: 32, Tuomas Hiltunen: 5, Pyry: 1, Petri: 0, Bjarne Boström: 983, Heikki Tahvanainen: 402, Jukka Asikainen: 1, moldzh08: 0, Jimmy Ni: 26, Teppo Uimonen: 21, Markus Johansson: 42, Niklas Nurminen: 0, Matti Siponen: 321, Lusetti: 0, Ari-Pekka Soikkeli: 5

Administrators: admin: 1