Best practise licensing OPC UA nodes|OPC UA Implementation: Stacks, Tools, and Samples|Forum|OPC Foundation

Avatar
Search
Forum Scope


Match



Forum Options



Minimum search word length is 3 characters - maximum search word length is 84 characters
Lost password?
sp_Feed sp_PrintTopic sp_TopicIcon
Best practise licensing OPC UA nodes
Avatar
tkafka
New Member
Members
Forum Posts: 2
Member Since:
02/17/2023
sp_UserOfflineSmall Offline
1
09/18/2023 - 08:09
sp_Permalink sp_Print sp_EditHistory

Hey OPC UA community,

we are developing an OPC UA server. We want to provide our customers access to some nodes for free but for more detailed information we want only grant access if the customer have a license. The licensing on its own is not the problem but how to deal with the licensed nodes.

We already investigated some ideas but we are not sure which one is the prefered approach respectively if there is a more suitable solution.
One of our ideas was to use the AccessLevel attribute for each property.
Another approach we thought of is not to add the node when there is no license. In this case we would have the problematic to define the node as optional in the informationmodel and we are in doubt if this is a good solution.

Does OPC UA provide any mechanisms or best practise for this use case?

Thanks in advance.

Avatar
Randy Armstrong
Admin
Forum Posts: 1580
Member Since:
05/30/2017
sp_UserOfflineSmall Offline
2
09/19/2023 - 01:08
sp_Permalink sp_Print

You want to create Roles an use RolePermissions to control access to nodes:

https://reference.opcfoundatio…..v105/docs/

Avatar
tkafka
New Member
Members
Forum Posts: 2
Member Since:
02/17/2023
sp_UserOfflineSmall Offline
3
09/19/2023 - 04:31
sp_Permalink sp_Print

Thanks for your fast answer!

We need a solution which works server side only. As I understand in the “Role-Based Security” specification the node access is handled based on information a client provides. Unfortunately this is not an option because the OPC UA Server get the license information from an internal system. 
What about the AccessLevel?
Do you have another suggestion?

Thank you.

Avatar
Randy Armstrong
Admin
Forum Posts: 1580
Member Since:
05/30/2017
sp_UserOfflineSmall Offline
4
09/20/2023 - 00:13
sp_Permalink sp_Print sp_EditHistory

You need to know what customer is connecting to enforce any restrictions.

You can lookup the license info and then use the license info to assign roles.

There is no requirement that the mapping from user identities to roles only use the mapping structures in the spec.

These mappings structures can be ignored or can be used in addition to the mappings provided by your internal mechanisms.

Forum Timezone: America/Phoenix
Most Users Ever Online: 510
Currently Online:
Guest(s) 33
Currently Browsing this Page:
1 Guest(s)
Top Posters:
Forum Stats:
Groups: 2
Forums: 10
Topics: 1446
Posts: 4891