com.prosysopc.ua

Class UserTokenPolicies

java.lang.Object

com.prosysopc.ua.UserTokenPolicies

public class UserTokenPolicies
extends Object

This class contains constants of UserTokenPolicy.

These constants are used to initialize the user token policies to the server applications with UaServer#addUserTokenPolicy

Typically, you should configure your server to use the SECURE_USERNAME_PASSWORD_BASIC256SHA256 and SECURE_CERTIFICATE_BASIC256SHA256, respectively, if you wish to enable username-password and/or user certificate based authentication. You may also add the respective AES-policies.

NOTE: The 'Basic256Sha256' policy requires at least 2048 bit Application Instance Certificates. If you need to ensure backwards compatibility and might need to update running server instances that still use 1024 bit certificates, you should also add SECURE_USERNAME_PASSWORD_BASIC256 and SECURE_CERTIFICATE_BASIC256, respectively.

Only in the specific case that you need to support old client applications that can only work 'Basic12Rsa15' policy, you may still consider to also include SECURE_USERNAME_PASSWORD_BASIC128RSA15 and SECURE_CERTIFICATE_BASIC128RSA15, respectively. But beware that there is a known security vulnerability related to it.

Field Summary

Fields

Modifier and Type	Field and Description
static UserTokenPolicy	ANONYMOUS
static UserTokenPolicy	SECURE_CERTIFICATE_AES128_SHA256_RSAOAEP This is an alternative policy to use, if you wish to enable user certificate based authentication with UaServer#addUserTokenPolicy.
static UserTokenPolicy	SECURE_CERTIFICATE_AES256_SHA256_RSAPSS This is an alternative policy to use, if you wish to enable user certificate based authentication with UaServer#addUserTokenPolicy.
static UserTokenPolicy	SECURE_CERTIFICATE_BASIC128RSA15 Deprecated. This UserTokenPolicy uses a SecurityPolicy that is Deprecated in the OPC UA Specification. Using this UserTokenPolicy in applications is not recommended and it should be disabled by default in applications that allow choosing which UserTokenPolicies to use.
static UserTokenPolicy	SECURE_CERTIFICATE_BASIC256 Deprecated. This UserTokenPolicy uses a SecurityPolicy that is Deprecated in the OPC UA Specification. Using this UserTokenPolicy in applications is not recommended and it should be disabled by default in applications that allow choosing which UserTokenPolicies to use.
static UserTokenPolicy	SECURE_CERTIFICATE_BASIC256SHA256 This is the default policy to use, if you wish to enable user certificate based authentication with UaServer#addUserTokenPolicy.
static UserTokenPolicy	SECURE_USERNAME_PASSWORD_AES128_SHA256_RSAOAEP This is an alternative policy to use, if you wish to enable username-password based authentication with UaServer#addUserTokenPolicy.
static UserTokenPolicy	SECURE_USERNAME_PASSWORD_AES256_SHA256_RSAPSS This is an alternative policy to use, if you wish to enable username-password based authentication with UaServer#addUserTokenPolicy.
static UserTokenPolicy	SECURE_USERNAME_PASSWORD_BASIC128RSA15 Deprecated. This UserTokenPolicy uses a SecurityPolicy that is Deprecated in the OPC UA Specification. Using this UserTokenPolicy in applications is not recommended and it should be disabled by default in applications that allow choosing which UserTokenPolicies to use.
static UserTokenPolicy	SECURE_USERNAME_PASSWORD_BASIC256 Deprecated. This UserTokenPolicy uses a SecurityPolicy that is Deprecated in the OPC UA Specification. Using this UserTokenPolicy in applications is not recommended and it should be disabled by default in applications that allow choosing which UserTokenPolicies to use.
static UserTokenPolicy	SECURE_USERNAME_PASSWORD_BASIC256SHA256 This is the default policy to use, if you wish to enable username-password based authentication with UaServer#addUserTokenPolicy.

Method Summary

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

ANONYMOUS

public static final UserTokenPolicy ANONYMOUS

SECURE_USERNAME_PASSWORD_BASIC128RSA15

@Deprecated
public static final UserTokenPolicy SECURE_USERNAME_PASSWORD_BASIC128RSA15

Deprecated. This UserTokenPolicy uses a SecurityPolicy that is Deprecated in the OPC UA Specification. Using this UserTokenPolicy in applications is not recommended and it should be disabled by default in applications that allow choosing which UserTokenPolicies to use.

Deprecated. See UserTokenPolicies for more details.

SECURE_USERNAME_PASSWORD_BASIC256

@Deprecated
public static final UserTokenPolicy SECURE_USERNAME_PASSWORD_BASIC256

Deprecated. This UserTokenPolicy uses a SecurityPolicy that is Deprecated in the OPC UA Specification. Using this UserTokenPolicy in applications is not recommended and it should be disabled by default in applications that allow choosing which UserTokenPolicies to use.

Deprecated. See UserTokenPolicies for more details.

SECURE_USERNAME_PASSWORD_BASIC256SHA256

public static final UserTokenPolicy SECURE_USERNAME_PASSWORD_BASIC256SHA256

This is the default policy to use, if you wish to enable username-password based authentication with UaServer#addUserTokenPolicy.

SECURE_USERNAME_PASSWORD_AES128_SHA256_RSAOAEP

public static final UserTokenPolicy SECURE_USERNAME_PASSWORD_AES128_SHA256_RSAOAEP

This is an alternative policy to use, if you wish to enable username-password based authentication with UaServer#addUserTokenPolicy. Usually, you should use it with SECURE_USERNAME_PASSWORD_BASIC256SHA256 to enable better compatibility.

SECURE_USERNAME_PASSWORD_AES256_SHA256_RSAPSS

public static final UserTokenPolicy SECURE_USERNAME_PASSWORD_AES256_SHA256_RSAPSS

This is an alternative policy to use, if you wish to enable username-password based authentication with UaServer#addUserTokenPolicy. Usually, you should use it with SECURE_USERNAME_PASSWORD_BASIC256SHA256 to enable better compatibility.

SECURE_CERTIFICATE_BASIC128RSA15

@Deprecated
public static final UserTokenPolicy SECURE_CERTIFICATE_BASIC128RSA15

Deprecated. This UserTokenPolicy uses a SecurityPolicy that is Deprecated in the OPC UA Specification. Using this UserTokenPolicy in applications is not recommended and it should be disabled by default in applications that allow choosing which UserTokenPolicies to use.

Deprecated. See UserTokenPolicies for more details.

SECURE_CERTIFICATE_BASIC256

@Deprecated
public static final UserTokenPolicy SECURE_CERTIFICATE_BASIC256

Deprecated. This UserTokenPolicy uses a SecurityPolicy that is Deprecated in the OPC UA Specification. Using this UserTokenPolicy in applications is not recommended and it should be disabled by default in applications that allow choosing which UserTokenPolicies to use.

Deprecated. See UserTokenPolicies for more details.

SECURE_CERTIFICATE_BASIC256SHA256

public static final UserTokenPolicy SECURE_CERTIFICATE_BASIC256SHA256

This is the default policy to use, if you wish to enable user certificate based authentication with UaServer#addUserTokenPolicy.

SECURE_CERTIFICATE_AES128_SHA256_RSAOAEP

public static final UserTokenPolicy SECURE_CERTIFICATE_AES128_SHA256_RSAOAEP

This is an alternative policy to use, if you wish to enable user certificate based authentication with UaServer#addUserTokenPolicy. Usually, you should use it with SECURE_CERTIFICATE_BASIC256SHA256 to enable better compatibility.

SECURE_CERTIFICATE_AES256_SHA256_RSAPSS

public static final UserTokenPolicy SECURE_CERTIFICATE_AES256_SHA256_RSAPSS

This is an alternative policy to use, if you wish to enable user certificate based authentication with UaServer#addUserTokenPolicy. Usually, you should use it with SECURE_CERTIFICATE_BASIC256SHA256 to enable better compatibility.