-
Notifications
You must be signed in to change notification settings - Fork 664
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Implementation of security ID check #1489
Comments
but years ago i wrote something, but its not for production use, so no warranties for that old deprecated stuff: try:
from opcua import ua, uamethod, Server
from opcua.server.user_manager import UserManager
from time import sleep
except ImportError as e:
print(e)
users_db = {
'user1': 'pw1'
}
def user_manager(isession, username, password):
isession.user = UserManager.User
return username in users_db and password == users_db[username]
@uamethod
def myMethod(parent, rfid):
print("method call with parameters: ", rfid)
Out1 = rfid
Out2 = 12345
return (
ua.Variant(Out1, ua.VariantType.Int64),
ua.Variant(Out2, ua.VariantType.Int64)
)
if __name__ == "__main__":
"""
OPC-UA-Server Setup
"""
server = Server()
endpoint = "opc.tcp://127.0.0.1:4840"
server.set_endpoint(endpoint)
servername = "Python-OPC-UA"
server.set_server_name(servername)
address_space = server.register_namespace("http://andreas-heine.net/UA")
uri = "urn:opcua:python:server"
server.set_application_uri(uri)
server.load_certificate("certificate.pem")
server.load_private_key("key.pem")
server.set_security_policy([
# ua.SecurityPolicyType.NoSecurity,
# ua.SecurityPolicyType.Basic128Rsa15_Sign,
# ua.SecurityPolicyType.Basic128Rsa15_SignAndEncrypt,
# ua.SecurityPolicyType.Basic256Sha256_Sign,
ua.SecurityPolicyType.Basic256Sha256_SignAndEncrypt
])
policyIDs = ["Username"]
server.set_security_IDs(policyIDs)
server.user_manager.set_user_manager(user_manager)
"""
OPC-UA-Modeling
"""
root_node = server.get_root_node()
object_node = server.get_objects_node()
server_node = server.get_server_node()
try:
server.import_xml("custom_nodes.xml")
except FileNotFoundError:
pass
except Exception as e:
print(e)
servicelevel_node = server.get_node("ns=0;i=2267") #Service-Level Node
servicelevel_value = 255 #0-255 [Byte]
servicelevel_dv = ua.DataValue(ua.Variant(servicelevel_value, ua.VariantType.Byte))
servicelevel_node.set_value(servicelevel_dv)
parameter_obj = server.nodes.objects.add_object(address_space, "Parameter")
token_node = parameter_obj.add_variable(address_space, "token", ua.Variant(0, ua.VariantType.UInt32))
token_node.set_writable() #if clients should be able to write
myobj = server.nodes.objects.add_object(address_space, "Methods")
multiply_node = myobj.add_method( address_space,
"myMethod",
myMethod,
[
#Input-Arguments:
ua.VariantType.Int64
],
[
#Output-Arguments:
ua.VariantType.Int64,
ua.VariantType.Int64
]
)
"""
OPC-UA-Server Start
"""
server.start()
try:
while 1:
sleep(1)
except KeyboardInterrupt:
server.stop() |
I already tried this solution and it doesn’t work properly, because anonymous connection is stil possibile in this way. |
can you describe a little more detailed how you achieve that? |
Was fixed in #1458, but it think there was no new pip release, so you have to use the current master. |
This my server:
This is the client:
I tried to start the server as it is, with only |
I'm using python opcua server and client and I'm testing all the possible security features about authentication and communication. As the specs says, there is no implementation about security ID check, then even if I call the method
set_security_ID
, anonymous connections are still accepted.Is there a way to implement security ID check on a python opcua server ? Any suggestions ?
The text was updated successfully, but these errors were encountered: