Where is ClientUserId set during alarm acknowledgement?|OPC UA Standard|Forum|OPC Foundation

Avatar
Search
Forum Scope


Match



Forum Options



Minimum search word length is 3 characters - maximum search word length is 84 characters
Lost password?
sp_Feed sp_PrintTopic sp_TopicIcon
Where is ClientUserId set during alarm acknowledgement?
Avatar
Andrew Thomas
Member
Members
Forum Posts: 6
Member Since:
03/04/2014
sp_UserOfflineSmall Offline
1
12/22/2022 - 07:00
sp_Permalink sp_Print

My application sends an acknowledgement to an A&C alarm in a UA server.  It does this by calling the method, MethodIds.AcknowledgeableConditionType_Acknowledge.  This method has 2 arguments, the byte[] event ID and a string comment.

There is no argument to set the ClientUserId on the condition, so I cannot specify who acknowledged this alarm.

Where should ClientUserId be populated in the server’s condition to indicate the acknowledger?  It cannot come from the session information since the session is authenticated using a certificate, not a user name.  In any case, the session user is not necessarily the user name that I want.  My application requires operators to log in to the application, separate from the back-end connection to the UA server, so I want the currently logged-in operator’s name in the ClientUserId, not the session user.

Am I going about this wrong?  Is there a different method that I should be using?

Avatar
Randy Armstrong
Admin
Forum Posts: 1579
Member Since:
05/30/2017
sp_UserOfflineSmall Offline
2
12/22/2022 - 13:05
sp_Permalink sp_Print

https://reference.opcfoundatio…..docs/3.1.1

and

https://reference.opcfoundatio…..f129642935

The ClientUserIdidentifies the user of the client requesting an action. The ClientUserIdcan be obtained from the UserIdentityTokenpassed in the ActivateSessioncall. If the UserIdentityToken is aUserNameIdentityTokenthen the ClientUserId is the UserName.If the UserIdentityToken is anX509IdentityTokenthen the ClientUserId is the X509 Subject Name of the Certificate. If the UserIdentityTokenis anIssuedIdentityTokenthen the ClientUserId shall be a string that represents the owner of the token. The best choice for the string depends on the type of IssuedIdentityToken.If an AnonymousIdentityTokenwas used, the value is null. For a SessionlessInvoke Serviceinvocation the ClientUserId shall be a string that represents the owner of the authenticationTokenin the requestHeader of theService invocation such as the name field of a JWT IssuedIdentityToken.

IOW, it comes from the Session. There is no other choice at this time. You can add a mantis issue asking that your use case be addressed:

https://mantis.opcfoundation.o…..default=no

 

Avatar
Andrew Thomas
Member
Members
Forum Posts: 6
Member Since:
03/04/2014
sp_UserOfflineSmall Offline
3
12/22/2022 - 14:25
sp_Permalink sp_Print

Thanks for the quick response, Randy.  I have added a Mantis issue.

Forum Timezone: America/Phoenix
Most Users Ever Online: 510
Currently Online:
Guest(s) 40
Currently Browsing this Page:
1 Guest(s)
Top Posters:
Forum Stats:
Groups: 2
Forums: 10
Topics: 1445
Posts: 4889