User Authentication

piod94
2017-11-06
2020-04-12
  • piod94

    piod94 - 2017-11-06

    Hi

    I use opc ua server on raspberry pi and I have one question: is there possibility to implement user authorization or any other way to limit user's acess to some data/features?

     
  • jeremyshubert

    jeremyshubert - 2018-06-05

    I'm investigating the same. Currently, the OPC server running in CODESYS V3 appears to allow any client to connect without authentication. They can then view the full tree, and read/write variables. This is very problematic. There are no options in the IDE that I can find for configuring the server, it is simply enabled in the Symbol Configuration. It appears the controller has an X.509 certificate but it doesn't require anything from the client. Does anyone have more information? The online videos from 3S worked to get me this far but they connected without authentication.

     
  • eschwellinger

    eschwellinger - 2018-06-05

    Hi,
    you are right, but the good news is:
    This will be released with 3.5SP13 26th June.

    BR
    Edwin

     
  • msfin303

    msfin303 - 2019-01-31

    I'm Currently setting up an OPC UA on 3.5 SP13, however I'm looking to see where you implement user and password authentication.

    Is there anyone out there who can help?

     
  • rotemse

    rotemse - 2020-01-22

    So, is it possible to add user authentication in OPC UA? (raspberry pi + Codesys)
    How do we do it?

     
  • rotemse

    rotemse - 2020-01-30

    Anyone?

     
  • watarium

    watarium - 2020-04-11

    Hi,
    This Q&A is very helpful to me.
    e.kislov's link says Codesys implements a user authentication with a password.
    I think that Codesys does not implement user authentication with X.509 certification so far. Am I right?
    My environment is Codesys V3.5 SP15 and raspberry pi

     
  • watarium

    watarium - 2020-04-12

    Thanks, i-campbell.
    I've already tried the procedures i-campbell's link and worked well.

    But I think it is application authentication, not a user authentication. The reason is that when I checked UserTokenPolicy of the OPC UA server with UaExpert, I found UserPassword and Anonymous but couldn't find "X509 certificate" in the PolicyId and TokenType(Codesys_usertokenpolicy.png).
    So I couldn't connect with the certificate using UAExpert Authentication settings (Authentication_settings.png). The response message was "BadConfigurationError."
    On the other hand, when I connected to another OPC Server (Takebishi DeviceXplorer), "X509 certificate" appeared in the "UserTokenPolicy." (DeviceXplorer_usertokenpolicy.png)

    I'm not sure this is the guide for user authentication, but I also tried user authentication with a certificate based on the following link, but it did not work.
    https://help.codesys.com/webapp/_cds_cmd_cyber_screen;product=codesys;version=3.5.15.0

     

    Last edit: watarium 2020-04-12

Log in to post a comment.