Connectivity Software User's Guide and Reference
CreateWithSecurityRoleIds Method
Example 



OpcLabs.BaseLib Assembly > OpcLabs.BaseLib.Security.User.Extensions Namespace > INameAndPasswordUserManagerExtension Class : CreateWithSecurityRoleIds Method
The user manager.

The value of this parameter cannot be null (Nothing in Visual Basic).

The username for the new user.

The value of this parameter cannot be null (Nothing in Visual Basic).

The password for the new user.

The value of this parameter cannot be null (Nothing in Visual Basic).

The security role IDs to assign to the new user.

The value of this parameter cannot be null (Nothing in Visual Basic).

The individual elements of the parameter value cannot be null (Nothing in Visual Basic).

Creates a new user with the specified username, password, and security role IDs.
Syntax
'Declaration
 

<ExtensionAttribute()>
<JetBrains.Annotations.CanBeNullAttribute()>
Public Shared Function CreateWithSecurityRoleIds( _
   ByVal nameAndPasswordUserManager As INameAndPasswordUserManager, _
   ByVal userName As String, _
   ByVal password As String, _
   ByVal securityRoleIds As IEnumerable(Of String) _
) As String
'Usage
 

Dim nameAndPasswordUserManager As INameAndPasswordUserManager
Dim userName As String
Dim password As String
Dim securityRoleIds As IEnumerable(Of String)
Dim value As String
 
value = INameAndPasswordUserManagerExtension.CreateWithSecurityRoleIds(nameAndPasswordUserManager, userName, password, securityRoleIds)
[Extension()]
[JetBrains.Annotations.CanBeNull()]
public static string CreateWithSecurityRoleIds( 
   INameAndPasswordUserManager nameAndPasswordUserManager,
   string userName,
   string password,
   IEnumerable<string> securityRoleIds
)
[Extension()]
[JetBrains.Annotations.CanBeNull()]
public:
static String^ CreateWithSecurityRoleIds( 
   INameAndPasswordUserManager^ nameAndPasswordUserManager,
   String^ userName,
   String^ password,
   IEnumerable<String^>^ securityRoleIds
)

Parameters

nameAndPasswordUserManager
The user manager.

The value of this parameter cannot be null (Nothing in Visual Basic).

userName
The username for the new user.

The value of this parameter cannot be null (Nothing in Visual Basic).

password
The password for the new user.

The value of this parameter cannot be null (Nothing in Visual Basic).

securityRoleIds
The security role IDs to assign to the new user.

The value of this parameter cannot be null (Nothing in Visual Basic).

The individual elements of the parameter value cannot be null (Nothing in Visual Basic).

Return Value

The security ID of the created user, or null if the operation failed.

This method can return null (Nothing in Visual Basic).

Exceptions
ExceptionDescription
System.ArgumentNullException

A null reference (Nothing in Visual Basic) is passed to a method that does not accept it as a valid argument.

This is a usage error, i.e. it will never occur (the exception will not be thrown) in a correctly written program. Your code should not catch this exception.

System.NotSupportedExceptionAn invoked method is not supported at all, or is not supported with the parameters used to create the object.
Remarks

If the method returns a non-null result, the operation might have been only partially successful.

This is an extension method (info: C#, VB.NET). In languages that have support for extensions methods (such as C# and VB.NET), you can use the extension method as if it were a regular method on the object that is its first parameter. In other languages (such as with Python.NET), you will call the extension as a static method, and pass it the object on which it acts as its first parameter.

Example
// This example shows how to create a user with username & password and assign it specific OPC UA security roles. 
// You can use any OPC UA client, including our Connectivity Explorer and OpcCmd utility, to connect to the server. 
//
// Find all latest examples here: https://www.doc-that.com/files/onlinedocs/OPCLabs-ConnectivityStudio/Latest/examples.html .
// OPC client, server and subscriber examples in C# on GitHub: https://github.com/OPCLabs/Examples-ConnectivityStudio-CSharp .
// Missing some example? Ask us for it on our Online Forums, https://forum.opclabs.com/forum/index ! You do not have to own
// a commercial license in order to use Online Forums, and we reply to every post.

using OpcLabs.BaseLib.Security.User.Extensions;
using OpcLabs.EasyOpc.UA;
using OpcLabs.EasyOpc.UA.NodeSpace;
using OpcLabs.EasyOpc.UA.Security.Subject;
using System;

namespace UAServerDocExamples.AccessControl
{
    internal class NameAndPasswordUserManager
    {
        public static void CreateWithSecurityRoleIds()
        {
            // Instantiate the server object.
            // By default, the server will run on endpoint URL "opc.tcp://localhost:48040/".
            var server = new EasyUAServer();

            // Clear the default security roles (Operator) for the Anonymous user.
            server.UserManagers.Anonymous.SecurityRoleIdSet.Clear();

            // Create a user with username "alpha" and password "pass". The user session will be assigned the Engineer and
            // Operator security roles, in addition to the implicit Anonymous, AuthenticatedUser and possibly
            // TrustedApplication roles.
            server.UserManagers.NameAndPassword.CreateWithSecurityRoleIds("alpha", "pass",
                new string[] {UASecurityRoles.Engineer, UASecurityRoles.Operator});

            // Create a data variable providing random integers.
            var random = new Random();
            var dataVariable = new UADataVariable("MyDataVariable").ReadValueFunction(() => random.Next());

            // Assign permissions to the data variable. In this case, only users with the Engineer security role will be able
            // to browse, read and write the variable.
            dataVariable.PermissionAssignment = new UAPermissionAssignment
            {
                new UARolePermissions(UASecurityRoles.Engineer, UAPermissions.ViewBasic | UAPermissions.ModifyBasic)
            };
            // We do not want to inherit permissions from the parent nodes, as they include viewing for TrustedApplication.
            dataVariable.PermissionsInheritanceType = UAPermissionsInheritanceType.None;

            // Add the data variable to the server's address space.
            server.Add(dataVariable);

            // Start the server.
            Console.WriteLine("The server is starting...");
            server.Start();

            Console.WriteLine("The server is started.");
            Console.WriteLine();

            // Let the user decide when to stop.
            Console.WriteLine("Press Enter to stop the server...");
            Console.ReadLine();

            // Stop the server.
            Console.WriteLine("The server is stopping...");
            server.Stop();

            Console.WriteLine("The server is stopped.");
        }
    }
}
// This example shows how to create and use custom security roles in OPC UA servers.
// You can use any OPC UA client, including our Connectivity Explorer and OpcCmd utility, to connect to the server. 
//
// Find all latest examples here: https://www.doc-that.com/files/onlinedocs/OPCLabs-ConnectivityStudio/Latest/examples.html .
// OPC client, server and subscriber examples in C# on GitHub: https://github.com/OPCLabs/Examples-ConnectivityStudio-CSharp .
// Missing some example? Ask us for it on our Online Forums, https://forum.opclabs.com/forum/index ! You do not have to own
// a commercial license in order to use Online Forums, and we reply to every post.

using OpcLabs.BaseLib.Security.User.Extensions;
using OpcLabs.EasyOpc.UA;
using OpcLabs.EasyOpc.UA.NodeSpace;
using OpcLabs.EasyOpc.UA.Security.Subject;
using System;

namespace UAServerDocExamples.AccessControl
{
    internal class _UASecurityRoles
    {
        public static void Create()
        {
            // Instantiate the server object.
            // By default, the server will run on endpoint URL "opc.tcp://localhost:48040/".
            var server = new EasyUAServer();

            // Create a custom security role with specified Node Id and name.
            UASecurityRole mySecurityRole = UASecurityRoles.Create(
                "nsu=http://my.example;s=MySecurityRole", "MySecurityRole");

            // Create users. Only the user "charlie" will be assigned the custom security role created above.
            server.UserManagers.NameAndPassword.CreateWithSecurityRoleIds("alpha", "pass",
                new string [] {UASecurityRoles.Engineer, UASecurityRoles.Operator});
            server.UserManagers.NameAndPassword.CreateWithSecurityRoleIds("charlie", "pass",
                new string[] { mySecurityRole });

            // Create a data variable providing random integers.
            var random = new Random();
            var dataVariable = new UADataVariable("MyDataVariable").ReadValueFunction(() => random.Next());

            // Assign permissions to the data variable. In this case, only users with our custom security role will be able
            // to browse, read and write the variable.
            dataVariable.PermissionAssignment = new UAPermissionAssignment
            {
                new UARolePermissions(mySecurityRole, UAPermissions.ViewBasic | UAPermissions.ModifyBasic)
            };
            // We do not want to inherit permissions from the parent nodes, as they include viewing for TrustedApplication.
            dataVariable.PermissionsInheritanceType = UAPermissionsInheritanceType.None;

            // Add the data variable to the server's address space.
            server.Add(dataVariable);

            // Start the server.
            Console.WriteLine("The server is starting...");
            server.Start();

            Console.WriteLine("The server is started.");
            Console.WriteLine();

            // Let the user decide when to stop.
            Console.WriteLine("Press Enter to stop the server...");
            Console.ReadLine();

            // Stop the server.
            Console.WriteLine("The server is stopping...");
            server.Stop();

            Console.WriteLine("The server is stopped.");
        }
    }
}
Requirements

Target Platforms: .NET Framework: Windows 10 (selected versions), Windows 11 (selected versions), Windows Server 2016, Windows Server 2022; .NET: Linux, macOS, Microsoft Windows

See Also

Reference

INameAndPasswordUserManagerExtension Class
INameAndPasswordUserManagerExtension Members

 

 

Copyright © 2004-2026 CODE Consulting and Development, s.r.o., Plzen. All rights reserved. Web page: www.opclabs.com

Documentation Home, Send Feedback. Resources: Knowledge Base, Product Downloads. Technical support: Online Forums, FAQ.

Missing some example? Ask us for it on our Online Forums! You do not have to own a commercial license in order to use Online Forums, and we reply to every post.

Follow us on X (Twitter) | Follow us on LinkedIn