Hi,
I have difficulties in finding any statement in the specifications about if there are any user identity tokens that are required to support. For example, is it ok to only support username/password token?
We are currently developing a product where we chose to only support the username/password token and getting errors in the CTT which expects to find an Anonymous token in the endpoint (Test case Security -> Security None CreateSession ActivateSession). Is the test wrong or do we need to support Anonymous token as well?
Br, Jonas.
10/02/2014
I did not see anything int he specification that indicates you are required to support Anonymous however I have found that it is nice to have the ability to do a no security anonymous connection just the test that a client is working well with a server. I think the recommended way would be to offer None, Basic128RSA15, and Basic256 with Username/Password and Anonymous with the default endpoints requiring the Username and password. Allow the user to enable the other options if they want to.
Support of anonymous user tokens is optional for the Server (in all profiles).
Support is recommended for Clients and is mandatory for the “Standard UA Client Profile” (https://opcfoundation.org/UA-P…..t/Standard).
1 Guest(s)