AS6 OPCUA Client Communication, Authorization required

Ask Questions
,
1

Dear members,

Recently I strated testing with AS6, I’ve realised that if I try to connect a UA client (e.g UAexpert) then I have to set Authentication settings to Annoymous in user settings, then only I am able to access the PLC variables.
image
otherwise, if I keep the Authentication settings to Anonymous, the client does cennect to the server but unable to browse the PLC variables.

image
image405×736 14.1 KB

image
image966×658 40.2 KB

Please guide me if my client doesn’t support authorization how can I connect with Anonymous setting only.

Thanks and regards

2

Hello Asham Deep Singh Saini:

In AS6, a user (BR_Engineer) in UPCUa Configuration has to be added, to do so in the in the UaCsConfig.uacfg file open the advanced parameter, and on the authorization, add a new role called BR_Engineer.

image
image1087×918 123 KB

After that, even if the authentication setting is on Anonymous, you will be able to see the opcua variables
image
image461×743 26.1 KB

image

For more info: here

1 Like
3

Thanks, it works now.
may I know what is the significance of the BR users?
image

4

Also,
I have a further question I am using opcua Client with python.
when I use authorization method it returns an error

image
image970×60 5.63 KB

I know that opcua python library is not supporting Aes128Sha256RsaOaep Policy, but I am only using authorization method with no security policy.
Aditionally the same authorization method works for AS4.5.
Can you please help me out?

thanks and regards

5

Hello Asham Deep Singh Saini;

I’m no expert on OPCua, from what I know, those are created to comply the OPC10000-018 role base security, you can check on the link for more information

Regarding your second question, I have personally never used the opcUa python library, but if what you say about the AS 4.5 is true, then it’s likely that some security parameters on OPCUa configuration can be the cause, since in AS4.5 quite a few of the security parameters are set to true by default that on AS6 are disabled.

image
image768×511 123 KB

You may want to try to enable diferents security policies…For instance in AS4.5 by default No security is allowed in conversation,and AS6 is disabled by default, etc I’d start from here to check. You can also start by enabling all of them and disabled those not needed by your application, that depends on you.

1 Like
6

genius, Great tip!!! :clap: :raised_hands:

disabling the Aes128Sh265 Rsa Oaep, worked.
image

Thanks,

1 Like