OPC Studio User's Guide and Reference
SecurityKeyServiceTemplate Property (UAPubSubCommunicationParameters)
Example 



OpcLabs.EasyOpcUA Assembly > OpcLabs.EasyOpc.UA.PubSub Namespace > UAPubSubCommunicationParameters Class : SecurityKeyServiceTemplate Property
The template used to fill in information missing from SecurityKeyServices.
Syntax
'Declaration
 

Public Property SecurityKeyServiceTemplate As UAEndpointDescriptor
'Usage
 

Dim instance As UAPubSubCommunicationParameters
Dim value As UAEndpointDescriptor
 
instance.SecurityKeyServiceTemplate = value
 
value = instance.SecurityKeyServiceTemplate
public UAEndpointDescriptor SecurityKeyServiceTemplate {get; set;}
public:
property UAEndpointDescriptor^ SecurityKeyServiceTemplate {
   UAEndpointDescriptor^ get();
   void set (    UAEndpointDescriptor^ value);
}

Property Value

The value of this property cannot be null (Nothing in Visual Basic).

Remarks

If SecurityKeyServices are empty, and the SecurityKeyServiceTemplate is not a null endpoint descriptor (OpcLabs.EasyOpc.UA.UAEndpointDescriptor.IsNull), the SecurityKeyServiceTemplate will be used as a single security key service for the operation. If SecurityKeyServices are not empty, the information from SecurityKeyServiceTemplate is used as default for unspecified parts of each element in SecurityKeyServices. This affects:

Because the OpcLabs.EasyOpc.UA.UAEndpointDescriptor has an implicit conversion from System.String and System.Uri, in languages that support implicit conversion operators (such as C# or VB.NET), you can simply use a string (representing the endpoint URL, or a so-called OPC UA endpoint descriptor string), or a System.Uri object, when setting this property, and the corresponding endpoint descriptor will be constructed automatically. When the implicit conversion operators are not supported (such as with Python.NET), you can use the OpcLabs.EasyOpc.UA.UAEndpointDescriptor.FromString or OpcLabs.EasyOpc.UA.UAEndpointDescriptor.FromUri static method instead.

Also, because the OpcLabs.EasyOpc.UA.Discovery.UAApplicationElement and OpcLabs.EasyOpc.UA.Discovery.UADiscoveryElement have an implicit conversion to OpcLabs.EasyOpc.UA.UAEndpointDescriptor, in languages that support implicit conversion operators (such as C# or VB.NET), you can simply use a OpcLabs.EasyOpc.UA.Discovery.UAApplicationElement or OpcLabs.EasyOpc.UA.Discovery.UADiscoveryElement (results from OPC UA discovery) in place of OpcLabs.EasyOpc.UA.UAEndpointDescriptor when setting this property, and the corresponding endpoint descriptor will be constructed automatically. When the implicit conversion operators are not supported (such as with Python.NET), you can convert a (non-null) OpcLabs.EasyOpc.UA.Discovery.UAApplicationElement or OpcLabs.EasyOpc.UA.Discovery.UADiscoveryElement to OpcLabs.EasyOpc.UA.UAEndpointDescriptor using the OpcLabs.EasyOpc.UA.Discovery.UAApplicationElement.ToUAEndpointDescriptor or OpcLabs.EasyOpc.UA.Discovery.UADiscoveryElement.ToUAEndpointDescriptor method instead.

Example
// This example shows how to securely subscribe to signed and encrypted dataset messages.
// An external Security Key Service (SKS) is needed (not a part of QuickOPC).
//
// The network messages for this example can be published e.g. using the UADemoPublisher tool - see
// https://kb.opclabs.com/How_to_publish_or_subscribe_to_secure_OPC_UA_PubSub_messages .
//
// Find all latest examples here: https://opclabs.doc-that.com/files/onlinedocs/OPCLabs-OpcStudio/Latest/examples.html .
// OPC client and subscriber examples in C# on GitHub: https://github.com/OPCLabs/Examples-QuickOPC-CSharp .
// Missing some example? Ask us for it on our Online Forums, https://www.opclabs.com/forum/index ! You do not have to own
// a commercial license in order to use Online Forums, and we reply to every post.

using System;
using System.Collections.Generic;
using System.Threading;
using OpcLabs.EasyOpc.UA.Engine;
using OpcLabs.EasyOpc.UA.PubSub;
using OpcLabs.EasyOpc.UA.PubSub.OperationModel;

namespace UASubscriberDocExamples.PubSub._EasyUASubscriber
{
    partial class SubscribeDataSet
    {
        public static void Secure()
        {
            // Define the PubSub connection we will work with. Uses implicit conversion from a string.
            UAPubSubConnectionDescriptor pubSubConnectionDescriptor = "opc.udp://239.0.0.1";
            // In some cases you may have to set the interface (network adapter) name that needs to be used, similarly to
            // the statement below. Your actual interface name may differ, of course.
            //pubSubConnectionDescriptor.ResourceAddress.InterfaceName = "Ethernet";

            // Define the arguments for subscribing to the dataset.
            var subscribeDataSetArguments = new UASubscribeDataSetArguments(pubSubConnectionDescriptor)
            {
                DataSetSubscriptionDescriptor =
                {
                    CommunicationParameters =
                    {
                        // Specifies the security mode for the PubSub network messages received. This is a minimum security
                        // mode that you want to accept.
                        SecurityMode = UAMessageSecurityModes.SecuritySignAndEncrypt,
                        SecurityKeyServiceTemplate =
                        {
                            // Specifies the URL of the SKS (Security Key Service) endpoint.
                            UrlString = "opc.tcp://localhost:48010", 
                            // Specifies the security mode that will be used to connect to the SKS.
                            EndpointSelectionPolicy = UAMessageSecurityModes.SecuritySignAndEncrypt,
                            // Specifies the user name and password used for "logging in" to the SKS.
                            UserIdentity = { UserNameTokenInfo = { UserName = "root", Password = "secret" }}
                        },
                        // Specifies the Id of the security group in the SKS that will be used (the security group in the
                        // SKS is configured to use certain security policy, and has other parameters detailing how the
                        // security keys are generated).
                        SecurityGroupId = "TestGroup"
                    }
                }
            };

            // Instantiate the subscriber object and hook events.
            var subscriber = new EasyUASubscriber();
            subscriber.DataSetMessage += subscriber_DataSetMessage_Secure;

            Console.WriteLine("Subscribing...");
            subscriber.SubscribeDataSet(subscribeDataSetArguments);

            Console.WriteLine("Processing dataset message events for 20 seconds...");
            Thread.Sleep(20 * 1000);

            Console.WriteLine("Unsubscribing...");
            subscriber.UnsubscribeAllDataSets();

            Console.WriteLine("Waiting for 1 second...");
            // Unsubscribe operation is asynchronous, messages may still come for a short while.
            Thread.Sleep(1 * 1000);

            Console.WriteLine("Finished.");
        }

        static void subscriber_DataSetMessage_Secure(object sender, EasyUADataSetMessageEventArgs e)
        {
            // Display the dataset.
            if (e.Succeeded)
            {
                // An event with null DataSetData just indicates a successful connection.
                if (!(e.DataSetData is null))
                {
                    Console.WriteLine();
                    Console.WriteLine($"Dataset data: {e.DataSetData}");
                    foreach (KeyValuePair<string, UADataSetFieldData> pair in e.DataSetData.FieldDataDictionary)
                        Console.WriteLine(pair);
                }
            }
            else
            {
                Console.WriteLine();
                Console.WriteLine($"*** Failure: {e.ErrorMessageBrief}");
            }
        }
    }
}
' This example shows how to securely subscribe to signed and encrypted dataset messages.
' An external Security Key Service (SKS) is needed (not a part of QuickOPC).
'
' The network messages for this example can be published e.g. using the UADemoPublisher tool - see
' https://kb.opclabs.com/How_to_publish_or_subscribe_to_secure_OPC_UA_PubSub_messages .
'
' Find all latest examples here: https://opclabs.doc-that.com/files/onlinedocs/OPCLabs-OpcStudio/Latest/examples.html .
' OPC client and subscriber examples in VB.NET on GitHub: https://github.com/OPCLabs/Examples-QuickOPC-VBNET .
' Missing some example? Ask us for it on our Online Forums, https://www.opclabs.com/forum/index ! You do not have to own
' a commercial license in order to use Online Forums, and we reply to every post.

Imports OpcLabs.EasyOpc.UA.Engine
Imports OpcLabs.EasyOpc.UA.PubSub
Imports OpcLabs.EasyOpc.UA.PubSub.OperationModel

Namespace PubSub._EasyUASubscriber
    Partial Friend Class SubscribeDataSet
        Public Shared Sub Secure()

            ' Define the PubSub connection we will work with. Uses implicit conversion from a string.
            Dim pubSubConnectionDescriptor As UAPubSubConnectionDescriptor = "opc.udp://239.0.0.1"
            ' In some cases you may have to set the interface (network adapter) name that needs to be used, similarly to
            ' the statement below. Your actual interface name may differ, of course.
            'pubSubConnectionDescriptor.ResourceAddress.InterfaceName = "Ethernet";

            ' Define the arguments for subscribing to the dataset.
            Dim subscribeDataSetArguments = New UASubscribeDataSetArguments(pubSubConnectionDescriptor)
            ' Specifies the security mode for the PubSub network messages received. 
            ' This is a minimum security mode that you want to accept.
            subscribeDataSetArguments.DataSetSubscriptionDescriptor.CommunicationParameters.SecurityMode = UAMessageSecurityModes.SecuritySignAndEncrypt
            ' Specifies the URL of the SKS (Security Key Service) endpoint.
            subscribeDataSetArguments.DataSetSubscriptionDescriptor.CommunicationParameters.SecurityKeyServiceTemplate.UrlString = "opc.tcp://localhost:48010"
            ' Specifies the security mode that will be used to connect to the SKS.
            subscribeDataSetArguments.DataSetSubscriptionDescriptor.CommunicationParameters.SecurityKeyServiceTemplate.EndpointSelectionPolicy = UAMessageSecurityModes.SecuritySignAndEncrypt
            ' Specifies the user name and password used for "logging in" to the SKS.
            subscribeDataSetArguments.DataSetSubscriptionDescriptor.CommunicationParameters.SecurityKeyServiceTemplate.UserIdentity.UserNameTokenInfo.UserName = "root"
            subscribeDataSetArguments.DataSetSubscriptionDescriptor.CommunicationParameters.SecurityKeyServiceTemplate.UserIdentity.UserNameTokenInfo.Password = "secret"
            ' Specifies the Id of the security group in the SKS that will be used (the security group in the
            ' SKS is configured to use certain security policy, and has other parameters detailing how the
            ' security keys are generated).
            subscribeDataSetArguments.DataSetSubscriptionDescriptor.CommunicationParameters.SecurityGroupId = "TestGroup"

            ' Instantiate the subscriber object and hook events.
            Dim subscriber = New EasyUASubscriber()
            AddHandler subscriber.DataSetMessage, AddressOf subscriber_DataSetMessage_Secure

            Console.WriteLine("Subscribing...")
            subscriber.SubscribeDataSet(subscribeDataSetArguments)

            Console.WriteLine("Processing dataset message events for 20 seconds...")
            Threading.Thread.Sleep(20 * 1000)

            Console.WriteLine("Unsubscribing...")
            subscriber.UnsubscribeAllDataSets()

            Console.WriteLine("Waiting for 1 second...")
            ' Unsubscribe operation is asynchronous, messages may still come for a short while.
            Threading.Thread.Sleep(1 * 1000)

            Console.WriteLine("Finished...")
        End Sub

        Private Shared Sub subscriber_DataSetMessage_Secure(ByVal sender As Object, ByVal e As EasyUADataSetMessageEventArgs)
            ' Display the dataset.
            If e.Succeeded Then
                ' An event with null DataSetData just indicates a successful connection.
                If e.DataSetData IsNot Nothing Then
                    Console.WriteLine()
                    Console.WriteLine($"Dataset data: {e.DataSetData}")
                    For Each pair As KeyValuePair(Of String, UADataSetFieldData) In e.DataSetData.FieldDataDictionary
                        Console.WriteLine(pair)
                    Next
                End If
            Else
                Console.WriteLine()
                Console.WriteLine($"*** Failure: {e.ErrorMessageBrief}")
            End If
        End Sub
    End Class
End Namespace

REM This example shows how to securely subscribe to signed and encrypted dataset messages.
REM An external Security Key Service (SKS) is needed (not a part of QuickOPC).
REM
REM The network messages for this example can be published e.g. using the UADemoPublisher tool - see
REM https://kb.opclabs.com/How_to_publish_or_subscribe_to_secure_OPC_UA_PubSub_messages .
REM
REM Find all latest examples here: https://opclabs.doc-that.com/files/onlinedocs/OPCLabs-OpcStudio/Latest/examples.html .
REM OPC client and subscriber examples in Visual Basic on GitHub: https://github.com/OPCLabs/Examples-QuickOPC-VB .
REM Missing some example? Ask us for it on our Online Forums, https://www.opclabs.com/forum/index ! You do not have to own
REM a commercial license in order to use Online Forums, and we reply to every post.

' The subscriber object, with events
'Public WithEvents Subscriber6 As EasyUASubscriber

Private Sub EasyUASubscriber_SubscribeDataSet_Secure_Command_Click()
    OutputText = ""

    ' Define the PubSub connection we will work with.
    Dim subscribeDataSetArguments As New EasyUASubscribeDataSetArguments
    Dim ConnectionDescriptor As UAPubSubConnectionDescriptor
    Set ConnectionDescriptor = subscribeDataSetArguments.dataSetSubscriptionDescriptor.ConnectionDescriptor
    ConnectionDescriptor.ResourceAddress.ResourceDescriptor.UrlString = "opc.udp://239.0.0.1"
    ' In some cases you may have to set the interface (network adapter) name that needs to be used, similarly to
    ' the statement below. Your actual interface name may differ, of course.
    'ConnectionDescriptor.ResourceAddress.InterfaceName := 'Ethernet';

    ' Define the arguments for subscribing to the dataset.
    Dim comunicationParameters As New UASubscriberCommunicationParameters
    ' Specifies the security mode for the PubSub network messages received. This is a minimum security
    ' mode that you want to accept.
    comunicationParameters.SecurityMode = UAMessageSecurityModes_SecuritySignAndEncrypt
    ' Specifies the URL of the SKS (Security Key Service) endpoint.
    comunicationParameters.SecurityKeyServiceTemplate.UrlString = "opc.tcp://localhost:48010"
    ' Specifies the security mode that will be used to connect to the SKS.
    Dim endpointSelectionPolicy As New UAEndpointSelectionPolicy
    endpointSelectionPolicy.AllowedMessageSecurityModes = UAMessageSecurityModes_SecuritySignAndEncrypt
    Set comunicationParameters.SecurityKeyServiceTemplate.endpointSelectionPolicy = endpointSelectionPolicy ' UAMessageSecurityModes_SecuritySignAndEncrypt
    ' Specifies the user name and password used for "logging in" to the SKS.
    comunicationParameters.SecurityKeyServiceTemplate.UserIdentity.UserNameTokenInfo.UserName = "root"
    comunicationParameters.SecurityKeyServiceTemplate.UserIdentity.UserNameTokenInfo.Password = "secret"
    ' Specifies the Id of the security group in the SKS that will be used (the security group in the
    ' SKS is configured to use certain security policy, and has other parameters detailing how the
    ' security keys are generated).
    comunicationParameters.securityGroupId = "TestGroup"
    
    Set subscribeDataSetArguments.dataSetSubscriptionDescriptor.CommunicationParameters = comunicationParameters
    
    ' Instantiate the subscriber object and hook events.
    Set Subscriber6 = New EasyUASubscriber
        
    OutputText = OutputText & "Subscribing..." & vbCrLf
    Call Subscriber6.SubscribeDataSet(subscribeDataSetArguments)

    OutputText = OutputText & "Processing dataset message for 20 seconds..." & vbCrLf
    Pause 20000

    OutputText = OutputText & "Unsubscribing..." & vbCrLf
    Subscriber6.UnsubscribeAllDataSets

    OutputText = OutputText & "Waiting for 1 second..." & vbCrLf
    ' Unsubscribe operation is asynchronous, messages may still come for a short while.
    Pause 1000

    Set Subscriber6 = Nothing

    OutputText = OutputText & "Finished." & vbCrLf
End Sub

Private Sub Subscriber6_DataSetMessage(ByVal sender As Variant, ByVal eventArgs As EasyUADataSetMessageEventArgs)
    ' Display the dataset
    If eventArgs.Succeeded Then
        ' An event with null DataSetData just indicates a successful connection.
        If Not eventArgs.DataSetData Is Nothing Then
            OutputText = OutputText & vbCrLf
            OutputText = OutputText & "Dataset data: " & eventArgs.DataSetData & vbCrLf
            Dim dictionaryEntry2 : For Each dictionaryEntry2 In eventArgs.DataSetData.FieldDataDictionary
                OutputText = OutputText & dictionaryEntry2 & vbCrLf
            Next
        End If
    Else
        OutputText = OutputText & vbCrLf
        OutputText = OutputText & eventArgs.ErrorMessageBrief & vbCrLf
    End If
End Sub
# This example shows how to securely subscribe to signed and encrypted dataset messages.
# An external Security Key Service (SKS) is needed (not a part of QuickOPC).
#
# In order to produce network messages for this example, run the UADemoPublisher tool. For documentation, see
# https://kb.opclabs.com/UADemoPublisher_Basics . In some cases, you may have to specify the interface name to be used.
#
# Find all latest examples here: https://opclabs.doc-that.com/files/onlinedocs/OPCLabs-OpcStudio/Latest/examples.html .
# OPC client and subscriber examples in Python on GitHub: https://github.com/OPCLabs/Examples-QuickOPC-Python .
# Missing some example? Ask us for it on our Online Forums, https://www.opclabs.com/forum/index ! You do not have to own
# a commercial license in order to use Online Forums, and we reply to every post.
# The QuickOPC package is needed. Install it using "pip install opclabs_quickopc".
import opclabs_quickopc
import time

# Import .NET namespaces.
from OpcLabs.EasyOpc.UA.Engine import *
from OpcLabs.EasyOpc.UA.PubSub import *
from OpcLabs.EasyOpc.UA.PubSub.OperationModel import *


def dataSetMessage(sender, e):
    # Display the dataset.
    if e.Succeeded:
        # An event with null DataSetData just indicates a successful connection.
        if e.DataSetData is not None:
            print('')
            print('Dataset data: ', e.DataSetData, sep='')
            for pair in e.DataSetData.FieldDataDictionary:
                print(pair)
    else:
        print('')
        print('*** Failure: ', e.ErrorMessageBrief, sep='')


# Define the PubSub connection we will work with. Uses implicit conversion from a string.
pubSubConnectionDescriptor = UAPubSubConnectionDescriptor.op_Implicit('opc.udp://239.0.0.1')
# In some cases you may have to set the interface (network adapter) name that needs to be used, similarly to
# the statement below. Your actual interface name may differ, of course.
#pubSubConnectionDescriptor.ResourceAddress.InterfaceName = 'Ethernet'

# Define the arguments for subscribing to the dataset.
subscribeDataSetArguments = UASubscribeDataSetArguments(pubSubConnectionDescriptor)
# Specifies the security mode for the PubSub network messages received. This is a minimum security
# mode that you want to accept.
subscribeDataSetArguments.DataSetSubscriptionDescriptor.CommunicationParameters.\
    SecurityMode = UAMessageSecurityModes.SecuritySignAndEncrypt
# Specifies the URL of the SKS (Security Key Service) endpoint.
subscribeDataSetArguments.DataSetSubscriptionDescriptor.CommunicationParameters.SecurityKeyServiceTemplate.\
    UrlString = 'opc.tcp://localhost:48010'
subscribeDataSetArguments.DataSetSubscriptionDescriptor.CommunicationParameters.SecurityKeyServiceTemplate.\
    EndpointSelectionPolicy = UAEndpointSelectionPolicy.FromUAMessageSecurityModes(UAMessageSecurityModes.SecuritySignAndEncrypt)
# Specifies the user name and password used for "logging in" to the SKS.
subscribeDataSetArguments.DataSetSubscriptionDescriptor.CommunicationParameters.SecurityKeyServiceTemplate.\
    UserIdentity.UserNameTokenInfo.UserName = 'root'
subscribeDataSetArguments.DataSetSubscriptionDescriptor.CommunicationParameters.SecurityKeyServiceTemplate.\
    UserIdentity.UserNameTokenInfo.Password = 'secret'
# Specifies the Id of the security group in the SKS that will be used (the security group in the
# SKS is configured to use certain security policy, and has other parameters detailing how the
# security keys are generated).
subscribeDataSetArguments.DataSetSubscriptionDescriptor.CommunicationParameters.SecurityGroupId = 'TestGroup'

# Instantiate the subscriber object and hook events.
subscriber = EasyUASubscriber()
subscriber.DataSetMessage += dataSetMessage

print('Subscribing...')
IEasyUASubscriberExtension.SubscribeDataSet(subscriber, subscribeDataSetArguments)

print('Processing dataset message events for 20 seconds...')
time.sleep(20)

print('Unsubscribing...')
subscriber.UnsubscribeAllDataSets()

print('Waiting for 1 second...')
# Unsubscribe operation is asynchronous, messages may still come for a short while.
time.sleep(1)

subscriber.DataSetMessage -= dataSetMessage

print('Finished.')
Requirements

Target Platforms: .NET Framework: Windows 10 (selected versions), Windows 11 (selected versions), Windows Server 2016, Windows Server 2022; .NET: Linux, macOS, Microsoft Windows

See Also

Reference

UAPubSubCommunicationParameters Class
UAPubSubCommunicationParameters Members

 

 

Copyright © 2004-2024 CODE Consulting and Development, s.r.o., Plzen. All rights reserved. Web page: www.opclabs.com

Documentation Home, Send Feedback. Resources: Knowledge Base, Product Downloads. Technical support: Online Forums, FAQ.

Missing some example? Ask us for it on our Online Forums! You do not have to own a commercial license in order to use Online Forums, and we reply to every post.