Connectivity Software User's Guide and Reference
UASecurityRole Class
Members  Example 



OpcLabs.EasyOpcUAPrimitives Assembly > OpcLabs.EasyOpc.UA.Security.Subject Namespace : UASecurityRole Class
Represents an OPC UA security role.
Object Model
UASecurityRole ClassUANodeId Class
Syntax
'Declaration
 

<ComVisibleAttribute(False)>
<ExceptionContractAnnotationAttribute()>
Public Class UASecurityRole 
   Implements OpcLabs.BaseLib.Security.ISecurityObject, OpcLabs.BaseLib.Security.Subject.ISecurityRole 
'Usage
 

Dim instance As UASecurityRole
[ComVisible(false)]
[ExceptionContractAnnotation()]
public class UASecurityRole : OpcLabs.BaseLib.Security.ISecurityObject, OpcLabs.BaseLib.Security.Subject.ISecurityRole  
[ComVisible(false)]
[ExceptionContractAnnotation()]
public ref class UASecurityRole : public OpcLabs.BaseLib.Security.ISecurityObject, OpcLabs.BaseLib.Security.Subject.ISecurityRole
Remarks

This class wraps an OPC UA role node ID and provides functionality for working with security roles, including conversions to security ID strings and node IDs.

Because UASecurityRole has an implicit conversion to System.String, you can use UASecurityRole in any place where System.String is expected as input, and the corresponding string (security ID) will be constructed automatically from the security role. When the implicit conversion operators are not supported (such as with Python.NET), you can use the SecurityId property instead.

Because UASecurityRole has an implicit conversion to OpcLabs.EasyOpc.UA.AddressSpace.UANodeId, you can use UASecurityRole in any place where OpcLabs.EasyOpc.UA.AddressSpace.UANodeId is expected as input, and the node ID (OPC UA role ID) will be constructed automatically from the security role. When the implicit conversion operators are not supported (such as with Python.NET), you can use the ToUANodeId static method instead.

Example
// This example shows how to create and use custom security roles in OPC UA servers.
// You can use any OPC UA client, including our Connectivity Explorer and OpcCmd utility, to connect to the server. 
//
// Find all latest examples here: https://www.doc-that.com/files/onlinedocs/OPCLabs-ConnectivityStudio/Latest/examples.html .
// OPC client, server and subscriber examples in C# on GitHub: https://github.com/OPCLabs/Examples-ConnectivityStudio-CSharp .
// Missing some example? Ask us for it on our Online Forums, https://forum.opclabs.com/forum/index ! You do not have to own
// a commercial license in order to use Online Forums, and we reply to every post.

using OpcLabs.BaseLib.Security.User.Extensions;
using OpcLabs.EasyOpc.UA;
using OpcLabs.EasyOpc.UA.NodeSpace;
using OpcLabs.EasyOpc.UA.Security.Subject;
using System;

namespace UAServerDocExamples.AccessControl
{
    internal class _UASecurityRoles
    {
        public static void Create()
        {
            // Instantiate the server object.
            // By default, the server will run on endpoint URL "opc.tcp://localhost:48040/".
            var server = new EasyUAServer();

            // Create a custom security role with specified Node Id and name.
            UASecurityRole mySecurityRole = UASecurityRoles.Create(
                "nsu=http://my.example;s=MySecurityRole", "MySecurityRole");

            // Create users. Only the user "charlie" will be assigned the custom security role created above.
            server.UserManagers.NameAndPassword.CreateWithSecurityRoleIds("alpha", "pass",
                new string [] {UASecurityRoles.Engineer, UASecurityRoles.Operator});
            server.UserManagers.NameAndPassword.CreateWithSecurityRoleIds("charlie", "pass",
                new string[] { mySecurityRole });

            // Create a data variable providing random integers.
            var random = new Random();
            var dataVariable = new UADataVariable("MyDataVariable").ReadValueFunction(() => random.Next());

            // Assign permissions to the data variable. In this case, only users with our custom security role will be able
            // to browse, read and write the variable.
            dataVariable.PermissionAssignment = new UAPermissionAssignment
            {
                new UARolePermissions(mySecurityRole, UAPermissions.ViewBasic | UAPermissions.ModifyBasic)
            };
            // We do not want to inherit permissions from the parent nodes, as they include viewing for TrustedApplication.
            dataVariable.PermissionsInheritanceType = UAPermissionsInheritanceType.None;

            // Add the data variable to the server's address space.
            server.Add(dataVariable);

            // Start the server.
            Console.WriteLine("The server is starting...");
            server.Start();

            Console.WriteLine("The server is started.");
            Console.WriteLine();

            // Let the user decide when to stop.
            Console.WriteLine("Press Enter to stop the server...");
            Console.ReadLine();

            // Stop the server.
            Console.WriteLine("The server is stopping...");
            server.Stop();

            Console.WriteLine("The server is stopped.");
        }
    }
}
Inheritance Hierarchy

System.Object
   OpcLabs.EasyOpc.UA.Security.Subject.UASecurityRole

Requirements

Target Platforms: .NET Framework: Windows 10 (selected versions), Windows 11 (selected versions), Windows Server 2016, Windows Server 2022; .NET: Linux, macOS, Microsoft Windows

See Also

Reference

UASecurityRole Members
OpcLabs.EasyOpc.UA.Security.Subject Namespace

UASecurityRoles Class

 

 

Copyright © 2004-2026 CODE Consulting and Development, s.r.o., Plzen. All rights reserved. Web page: www.opclabs.com

Documentation Home, Send Feedback. Resources: Knowledge Base, Product Downloads. Technical support: Online Forums, FAQ.

Missing some example? Ask us for it on our Online Forums! You do not have to own a commercial license in order to use Online Forums, and we reply to every post.

Follow us on X (Twitter) | Follow us on LinkedIn