QuickOPC User's Guide and Reference
SecurityMode Property (UAPubSubCommunicationParameters)
Example 



OpcLabs.EasyOpcUA Assembly > OpcLabs.EasyOpc.UA.PubSub Namespace > UAPubSubCommunicationParameters Class : SecurityMode Property
Indicates the level of security applied to the network messages (or None for the level to be inferred).
Syntax
'Declaration
 
<DefaultValueAttribute(Mono.Cecil.CustomAttributeArgument)>
Public Property SecurityMode As UAMessageSecurityModes
'Usage
 
Dim instance As UAPubSubCommunicationParameters
Dim value As UAMessageSecurityModes
 
instance.SecurityMode = value
 
value = instance.SecurityMode
[DefaultValue(Mono.Cecil.CustomAttributeArgument)]
public UAMessageSecurityModes SecurityMode {get; set;}
[DefaultValue(Mono.Cecil.CustomAttributeArgument)]
public:
property UAMessageSecurityModes SecurityMode {
   UAMessageSecurityModes get();
   void set (    UAMessageSecurityModes value);
}
Remarks

If a security mode is specified (i.e. it does not equal to OpcLabs.EasyOpc.UA.Engine.UAMessageSecurityModes.None), it becomes the effective security mode in . Otherwise, the InferredSecurityMode is used.

Example

.NET

COM

// This example shows how to securely subscribe to signed and encrypted dataset messages.
// An external Security Key Service (SKS) is needed (not a part of QuickOPC).
//
// The network messages for this example can be published e.g. using the UADemoPublisher tool - see
// https://kb.opclabs.com/How_to_publish_or_subscribe_to_secure_OPC_UA_PubSub_messages .

using System;
using System.Collections.Generic;
using System.Threading;
using OpcLabs.EasyOpc.UA.Engine;
using OpcLabs.EasyOpc.UA.PubSub;
using OpcLabs.EasyOpc.UA.PubSub.OperationModel;

namespace UADocExamples.PubSub._EasyUASubscriber
{
    partial class SubscribeDataSet
    {
        public static void Secure()
        {
            // Define the PubSub connection we will work with. Uses implicit conversion from a string.
            UAPubSubConnectionDescriptor pubSubConnectionDescriptor = "opc.udp://239.0.0.1";
            // In some cases you may have to set the interface (network adapter) name that needs to be used, similarly to
            // the statement below. Your actual interface name may differ, of course.
            //pubSubConnectionDescriptor.ResourceAddress.InterfaceName = "Ethernet";

            // Define the arguments for subscribing to the dataset.
            var subscribeDataSetArguments = new UASubscribeDataSetArguments(pubSubConnectionDescriptor)
            {
                DataSetSubscriptionDescriptor =
                {
                    CommunicationParameters =
                    {
                        // Specifies the security mode for the PubSub network messages received. This is a minimum security
                        // mode that you want to accept.
                        SecurityMode = UAMessageSecurityModes.SecuritySignAndEncrypt,
                        SecurityKeyServiceTemplate =
                        {
                            // Specifies the URL of the SKS (Security Key Service) endpoint.
                            UrlString = "opc.tcp://localhost:48010", 
                            // Specifies the security mode that will be used to connect to the SKS.
                            EndpointSelectionPolicy = UAMessageSecurityModes.SecuritySignAndEncrypt,
                            // Specifies the user name and password used for "logging in" to the SKS.
                            UserIdentity = { UserNameTokenInfo = { UserName = "root", Password = "secret" }}
                        },
                        // Specifies the Id of the security group in the SKS that will be used (the security group in the
                        // SKS is configured to use certain security policy, and has other parameters detailing how the
                        // security keys are generated).
                        SecurityGroupId = "TestGroup"
                    }
                }
            };

            // Instantiate the subscriber object and hook events.
            var subscriber = new EasyUASubscriber();
            subscriber.DataSetMessage += subscriber_DataSetMessage_Secure;

            Console.WriteLine("Subscribing...");
            subscriber.SubscribeDataSet(subscribeDataSetArguments);

            Console.WriteLine("Processing dataset message events for 20 seconds...");
            Thread.Sleep(20 * 1000);

            Console.WriteLine("Unsubscribing...");
            subscriber.UnsubscribeAllDataSets();

            Console.WriteLine("Waiting for 1 second...");
            // Unsubscribe operation is asynchronous, messages may still come for a short while.
            Thread.Sleep(1 * 1000);

            Console.WriteLine("Finished.");
        }

        static void subscriber_DataSetMessage_Secure(object sender, EasyUADataSetMessageEventArgs e)
        {
            // Display the dataset.
            if (e.Succeeded)
            {
                // An event with null DataSetData just indicates a successful connection.
                if (!(e.DataSetData is null))
                {
                    Console.WriteLine();
                    Console.WriteLine($"Dataset data: {e.DataSetData}");
                    foreach (KeyValuePair<string, UADataSetFieldData> pair in e.DataSetData.FieldDataDictionary)
                        Console.WriteLine(pair);
                }
            }
            else
            {
                Console.WriteLine();
                Console.WriteLine($"*** Failure: {e.ErrorMessageBrief}");
            }
        }
    }
}
# This example shows how to securely subscribe to signed and encrypted dataset messages.
# An external Security Key Service (SKS) is needed (not a part of QuickOPC).
#
# In order to produce network messages for this example, run the UADemoPublisher tool. For documentation, see
# http://kb.opclabs.com/UADemoPublisher_Basics . In some cases, you may have to specify the interface name to be used.

# The QuickOPC package is needed. Install it using "pip install opclabs_quickopc".
import opclabs_quickopc
import time

# Import .NET namespaces.
from OpcLabs.EasyOpc.UA.Engine import *
from OpcLabs.EasyOpc.UA.PubSub import *
from OpcLabs.EasyOpc.UA.PubSub.OperationModel import *


def dataSetMessage(sender, e):
    # Display the dataset.
    if e.Succeeded:
        # An event with null DataSetData just indicates a successful connection.
        if e.DataSetData is not None:
            print('')
            print('Dataset data: ', e.DataSetData, sep='')
            for pair in e.DataSetData.FieldDataDictionary:
                print(pair)
    else:
        print('')
        print('*** Failure: ', e.ErrorMessageBrief, sep='')


# Define the PubSub connection we will work with. Uses implicit conversion from a string.
pubSubConnectionDescriptor = UAPubSubConnectionDescriptor.op_Implicit('opc.udp://239.0.0.1')
# In some cases you may have to set the interface (network adapter) name that needs to be used, similarly to
# the statement below. Your actual interface name may differ, of course.
#pubSubConnectionDescriptor.ResourceAddress.InterfaceName = 'Ethernet'

# Define the arguments for subscribing to the dataset.
subscribeDataSetArguments = UASubscribeDataSetArguments(pubSubConnectionDescriptor)
# Specifies the security mode for the PubSub network messages received. This is a minimum security
# mode that you want to accept.
subscribeDataSetArguments.DataSetSubscriptionDescriptor.CommunicationParameters.\
    SecurityMode = UAMessageSecurityModes.SecuritySignAndEncrypt
# Specifies the URL of the SKS (Security Key Service) endpoint.
subscribeDataSetArguments.DataSetSubscriptionDescriptor.CommunicationParameters.SecurityKeyServiceTemplate.\
    UrlString = 'opc.tcp://localhost:48010'
subscribeDataSetArguments.DataSetSubscriptionDescriptor.CommunicationParameters.SecurityKeyServiceTemplate.\
    EndpointSelectionPolicy = UAEndpointSelectionPolicy.FromUAMessageSecurityModes(UAMessageSecurityModes.SecuritySignAndEncrypt)
# Specifies the user name and password used for "logging in" to the SKS.
subscribeDataSetArguments.DataSetSubscriptionDescriptor.CommunicationParameters.SecurityKeyServiceTemplate.\
    UserIdentity.UserNameTokenInfo.UserName = 'root'
subscribeDataSetArguments.DataSetSubscriptionDescriptor.CommunicationParameters.SecurityKeyServiceTemplate.\
    UserIdentity.UserNameTokenInfo.Password = 'secret'
# Specifies the Id of the security group in the SKS that will be used (the security group in the
# SKS is configured to use certain security policy, and has other parameters detailing how the
# security keys are generated).
subscribeDataSetArguments.DataSetSubscriptionDescriptor.CommunicationParameters.SecurityGroupId = 'TestGroup'

# Instantiate the subscriber object and hook events.
subscriber = EasyUASubscriber()
subscriber.DataSetMessage += dataSetMessage

print('Subscribing...')
IEasyUASubscriberExtension.SubscribeDataSet(subscriber, subscribeDataSetArguments)

print('Processing dataset message events for 20 seconds...')
time.sleep(20)

print('Unsubscribing...')
subscriber.UnsubscribeAllDataSets()

print('Waiting for 1 second...')
# Unsubscribe operation is asynchronous, messages may still come for a short while.
time.sleep(1)

subscriber.DataSetMessage -= dataSetMessage

print('Finished.')
Rem This example shows how to securely subscribe to signed and encrypted dataset messages.
Rem An external Security Key Service (SKS) is needed (not a part of QuickOPC).
Rem
Rem The network messages for this example can be published e.g. using the UADemoPublisher tool - see
Rem https://kb.opclabs.com/How_to_publish_or_subscribe_to_secure_OPC_UA_PubSub_messages .

' The subscriber object, with events
'Public WithEvents Subscriber6 As EasyUASubscriber

Private Sub EasyUASubscriber_SubscribeDataSet_Secure_Command_Click()
    OutputText = ""
    
    ' Define the PubSub connection we will work with.
    Dim subscribeDataSetArguments As New EasyUASubscribeDataSetArguments
    Dim ConnectionDescriptor As UAPubSubConnectionDescriptor
    Set ConnectionDescriptor = subscribeDataSetArguments.dataSetSubscriptionDescriptor.ConnectionDescriptor
    ConnectionDescriptor.ResourceAddress.ResourceDescriptor.UrlString = "opc.udp://239.0.0.1"
    ' In some cases you may have to set the interface (network adapter) name that needs to be used, similarly to
    ' the statement below. Your actual interface name may differ, of course.
    'ConnectionDescriptor.ResourceAddress.InterfaceName := 'Ethernet';

    ' Define the arguments for subscribing to the dataset.
    Dim comunicationParameters As New UASubscriberCommunicationParameters
    ' Specifies the security mode for the PubSub network messages received. This is a minimum security
    ' mode that you want to accept.
    comunicationParameters.SecurityMode = UAMessageSecurityModes_SecuritySignAndEncrypt
    ' Specifies the URL of the SKS (Security Key Service) endpoint.
    comunicationParameters.SecurityKeyServiceTemplate.UrlString = "opc.tcp://localhost:48010"
    ' Specifies the security mode that will be used to connect to the SKS.
    Dim endpointSelectionPolicy As New UAEndpointSelectionPolicy
    endpointSelectionPolicy.AllowedMessageSecurityModes = UAMessageSecurityModes_SecuritySignAndEncrypt
    Set comunicationParameters.SecurityKeyServiceTemplate.endpointSelectionPolicy = endpointSelectionPolicy ' UAMessageSecurityModes_SecuritySignAndEncrypt
    ' Specifies the user name and password used for "logging in" to the SKS.
    comunicationParameters.SecurityKeyServiceTemplate.UserIdentity.UserNameTokenInfo.UserName = "root"
    comunicationParameters.SecurityKeyServiceTemplate.UserIdentity.UserNameTokenInfo.Password = "secret"
    ' Specifies the Id of the security group in the SKS that will be used (the security group in the
    ' SKS is configured to use certain security policy, and has other parameters detailing how the
    ' security keys are generated).
    comunicationParameters.securityGroupId = "TestGroup"
    
    Set subscribeDataSetArguments.dataSetSubscriptionDescriptor.CommunicationParameters = comunicationParameters
    
    ' Instantiate the subscriber object and hook events.
    Set Subscriber6 = New EasyUASubscriber
        
    OutputText = OutputText & "Subscribing..." & vbCrLf
    Call Subscriber6.SubscribeDataSet(subscribeDataSetArguments)

    OutputText = OutputText & "Processing dataset message for 20 seconds..." & vbCrLf
    Pause 20000

    OutputText = OutputText & "Unsubscribing..." & vbCrLf
    Subscriber6.UnsubscribeAllDataSets

    OutputText = OutputText & "Waiting for 1 second..." & vbCrLf
    ' Unsubscribe operation is asynchronous, messages may still come for a short while.
    Pause 1000

    Set Subscriber6 = Nothing

    OutputText = OutputText & "Finished." & vbCrLf
End Sub

Private Sub Subscriber6_DataSetMessage(ByVal sender As Variant, ByVal eventArgs As EasyUADataSetMessageEventArgs)
    ' Display the dataset
    If eventArgs.Succeeded Then
        ' An event with null DataSetData just indicates a successful connection.
        If Not eventArgs.DataSetData Is Nothing Then
            OutputText = OutputText & vbCrLf
            OutputText = OutputText & "Dataset data: " & eventArgs.DataSetData & vbCrLf
            Dim dictionaryEntry2: For Each dictionaryEntry2 In eventArgs.DataSetData.FieldDataDictionary
                OutputText = OutputText & dictionaryEntry2 & vbCrLf
            Next
        End If
    Else
        OutputText = OutputText & vbCrLf
        OutputText = OutputText & eventArgs.ErrorMessageBrief & vbCrLf
    End If
End Sub
Requirements

Target Platforms: .NET Framework: Windows 10 (selected versions), Windows 11 (selected versions), Windows Server 2016, Windows Server 2022; .NET: Linux, macOS, Microsoft Windows

See Also