Startsida Utforska Hjälp
Logga in
thomas
/
open62541
Bevaka 1
Stjärnmärk 0
Fork 0
Filer Ärenden 0 Pull-förfrågningar 0 Wiki
Träd: 44d29026dc
Grenar Taggar
open62541
/
plugins
/
ua_accesscontrol_default.c

ua_accesscontrol_default.c 4.1 KB
Historik

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115 
  1. /* This work is licensed under a Creative Commons CCZero 1.0 Universal License.
    2. 

  2.  * See http://creativecommons.org/publicdomain/zero/1.0/ for more information. */
    3. 

  3. 

  4. #include "ua_accesscontrol_default.h"
    5. 

  5. 

  6. /* We allow login anonymous and with the following username / password. The
    7. 

  7.  * access rights are maximally permissive in this example plugin. */
    8. 

  8. 

  9. #define ANONYMOUS_POLICY "open62541-anonymous-policy"
    10. 

  10. #define USERNAME_POLICY "open62541-username-policy"
    11. 

  11. 

  12. #define UA_STRING_STATIC(s) {sizeof(s)-1, (UA_Byte*)s}
    13. 

  13. const UA_String anonymous_policy = UA_STRING_STATIC(ANONYMOUS_POLICY);
    14. 

  14. const UA_String username_policy = UA_STRING_STATIC(USERNAME_POLICY);
    15. 

  15. 

  16. UA_StatusCode
    17. 

  17. activateSession_default(const UA_NodeId *sessionId, const UA_ExtensionObject *userIdentityToken,
    18. 

  18.                         void **sessionHandle) {
    19. 

  19.     /* Could the token be decoded? */
    20. 

  20.     if(userIdentityToken->encoding < UA_EXTENSIONOBJECT_DECODED)
    21. 

  21.         return UA_STATUSCODE_BADIDENTITYTOKENINVALID;
    22. 

  22. 

  23.     /* anonymous login */
    24. 

  24.     if(enableAnonymousLogin &&
    25. 

  25.        userIdentityToken->content.decoded.type == &UA_TYPES[UA_TYPES_ANONYMOUSIDENTITYTOKEN]) {
    26. 

  26.         const UA_AnonymousIdentityToken *token = (UA_AnonymousIdentityToken *)userIdentityToken->content.decoded.data;
    27. 

  27. 

  28.         /* Compatibility notice: Siemens OPC Scout v10 provides an empty
    29. 

  29.          * policyId. This is not compliant. For compatibility we will assume
    30. 

  30.          * that empty policyId == ANONYMOUS_POLICY */
    31. 

  31.         if(token->policyId.data && !UA_String_equal(&token->policyId, &anonymous_policy))
    32. 

  32.             return UA_STATUSCODE_BADIDENTITYTOKENINVALID;
    33. 

  33. 

  34.         *sessionHandle = NULL;
    35. 

  35.         return UA_STATUSCODE_GOOD;
    36. 

  36.     }
    37. 

  37. 

  38.     /* username and password */
    39. 

  39.     if(enableUsernamePasswordLogin &&
    40. 

  40.        userIdentityToken->content.decoded.type == &UA_TYPES[UA_TYPES_USERNAMEIDENTITYTOKEN]) {
    41. 

  41.         const UA_UserNameIdentityToken *token = (UA_UserNameIdentityToken *)userIdentityToken->content.decoded.data;
    42. 

  42.         if(!UA_String_equal(&token->policyId, &username_policy))
    43. 

  43.             return UA_STATUSCODE_BADIDENTITYTOKENINVALID;
    44. 

  44. 

  45.         /* empty username and password */
    46. 

  46.         if(token->userName.length == 0 && token->password.length == 0)
    47. 

  47.             return UA_STATUSCODE_BADIDENTITYTOKENINVALID;
    48. 

  48. 

  49.         /* trying to match pw/username */
    50. 

  50.         UA_Boolean match = false;
    51. 

  51.         for(size_t i = 0; i < usernamePasswordsSize; i++) {
    52. 

  52.             const UA_String *user = &usernamePasswords[i].username;
    53. 

  53.             const UA_String *pw = &usernamePasswords[i].password;
    54. 

  54.             if(UA_String_equal(&token->userName, user) && UA_String_equal(&token->password, pw)) {
    55. 

  55.                 match = true;
    56. 

  56.                 break;
    57. 

  57.             }
    58. 

  58.         }
    59. 

  59.         if(!match)
    60. 

  60.             return UA_STATUSCODE_BADUSERACCESSDENIED;
    61. 

  61. 

  62.         *sessionHandle = NULL;
    63. 

  63.         return UA_STATUSCODE_GOOD;
    64. 

  64.     }
    65. 

  65. 

  66.     /* Unsupported token type */
    67. 

  67.     return UA_STATUSCODE_BADIDENTITYTOKENINVALID;
    68. 

  68. }
    69. 

  69. 

  70. void
    71. 

  71. closeSession_default(const UA_NodeId *sessionId, void *sessionHandle) {
    72. 

  72.     /* no handle to clean up */
    73. 

  73. }
    74. 

  74. 

  75. UA_UInt32
    76. 

  76. getUserRightsMask_default(const UA_NodeId *sessionId, void *sessionHandle, const UA_NodeId *nodeId) {
    77. 

  77.     return 0xFFFFFFFF;
    78. 

  78. }
    79. 

  79. 

  80. UA_Byte
    81. 

  81. getUserAccessLevel_default(const UA_NodeId *sessionId, void *sessionHandle, const UA_NodeId *nodeId) {
    82. 

  82.     return 0xFF;
    83. 

  83. }
    84. 

  84. 

  85. UA_Boolean
    86. 

  86. getUserExecutable_default(const UA_NodeId *sessionId, void *sessionHandle, const UA_NodeId *nodeId) {
    87. 

  87.     return true;
    88. 

  88. }
    89. 

  89. 

  90. UA_Boolean
    91. 

  91. getUserExecutableOnObject_default(const UA_NodeId *sessionId, void *sessionHandle,
    92. 

  92.                                   const UA_NodeId *methodId, const UA_NodeId *objectId) {
    93. 

  93.     return true;
    94. 

  94. }
    95. 

  95. 

  96. UA_Boolean
    97. 

  97. allowAddNode_default(const UA_NodeId *sessionId, void *sessionHandle, const UA_AddNodesItem *item) {
    98. 

  98.     return true;
    99. 

  99. }
    100. 

  100. 

  101. UA_Boolean
    102. 

  102. allowAddReference_default(const UA_NodeId *sessionId, void *sessionHandle, const UA_AddReferencesItem *item) {
    103. 

  103.     return true;
    104. 

  104. }
    105. 

  105. 

  106. UA_Boolean
    107. 

  107. allowDeleteNode_default(const UA_NodeId *sessionId, void *sessionHandle, const UA_DeleteNodesItem *item) {
    108. 

  108.     return true;
    109. 

  109. }
    110. 

  110.       
    111. 

  111. UA_Boolean
    112. 

  112. allowDeleteReference_default(const UA_NodeId *sessionId, void *sessionHandle, const UA_DeleteReferencesItem *item) {
    113. 

  113.     return true;
    114. 

  114. }
    115. 

  115.