Beispiel #1
        /// <summary>
        /// Creates the objects used to validate the user identity tokens supported by the server.
        /// </summary>
        /// <param name="configuration">Application configuration that supplies the user token policies and the security configuration naming the user certificate stores.</param>
        /// <remarks>
        /// A validator is built only when both <c>TrustedUserCertificates</c> and <c>UserIssuerCertificates</c> are configured;
        /// otherwise <c>m_certificateValidator</c> keeps whatever value it had before this call.
        /// </remarks>
        private void CreateUserIdentityValidators(ApplicationConfiguration configuration)
        {
            foreach (UserTokenPolicy policy in configuration.ServerConfiguration.UserTokenPolicies)
            {
                // only certificate token policies need a certificate validator.
                if (policy.TokenType != UserTokenType.Certificate)
                {
                    continue;
                }

                var security = configuration.SecurityConfiguration;

                // both user trust lists must be present in the configuration.
                // NOTE(review): when one is missing nothing is installed here; the code that consumes
                // m_certificateValidator (not visible) should refuse X.509 user tokens in that case - confirm.
                if (security.TrustedUserCertificates == null ||
                    security.UserIssuerCertificates == null)
                {
                    continue;
                }

                var userValidator = new CertificateValidator();

                // blocks the calling thread until the update started by this call has completed.
                userValidator.Update(security).Wait();

                // hands the user issuer, trusted user and rejected stores to the validator.
                // presumably this replaces the stores taken from the application settings above - confirm.
                userValidator.Update(
                    security.UserIssuerCertificates,
                    security.TrustedUserCertificates,
                    security.RejectedCertificateStore);

                // every matching policy overwrites the field, so the last certificate policy wins.
                m_certificateValidator = userValidator.GetChannelValidator();
            }
        }
        /// <summary>
        /// Creates the objects used to validate the user identity tokens supported by the server.
        /// </summary>
        /// <param name="configuration">Application configuration that supplies the user token policies and the security configuration naming the user certificate stores.</param>
        /// <remarks>
        /// The <c>certificateValidator</c> member is assigned only when both user certificate stores are configured;
        /// in every other case it is left as it was.
        /// </remarks>
        private void CreateUserIdentityValidators(ApplicationConfiguration configuration)
        {
            foreach (UserTokenPolicy policy in configuration.ServerConfiguration.UserTokenPolicies)
            {
                // skip everything that is not a certificate token policy
                if (policy.TokenType != UserTokenType.Certificate)
                {
                    continue;
                }

                var security = configuration.SecurityConfiguration;

                // a validator needs both the trusted user store and the user issuer store
                // NOTE(review): with either store missing no validator is created; confirm that the consumer of
                // certificateValidator (not visible) rejects certificate tokens instead of skipping validation
                if (security.TrustedUserCertificates == null ||
                    security.UserIssuerCertificates == null)
                {
                    continue;
                }

                var userValidator = new CertificateValidator();

                // waits synchronously for the update to finish before the stores are set
                userValidator.Update(security).Wait();

                // issuer store, trusted store and rejected store, in that order
                userValidator.Update(
                    security.UserIssuerCertificates,
                    security.TrustedUserCertificates,
                    security.RejectedCertificateStore);

                // install the validator for user certificates; a later certificate policy replaces it
                certificateValidator = userValidator.GetChannelValidator();
            }
        }
Beispiel #3
            /// <summary>
            /// Creates the objects used to validate the user identity tokens supported by the server.
            /// </summary>
            /// <param name="configuration">Application configuration that supplies the user token policies and the per-policy extension elements.</param>
            /// <remarks>
            /// The extension elements are only checked for presence. Neither the issuer certificate id nor the
            /// trusted issuer list read here is passed on to a validator in this method.
            /// </remarks>
            private void CreateUserIdentityValidators(ApplicationConfiguration configuration)
            {
                var policies = configuration.ServerConfiguration.UserTokenPolicies;

                for (var index = 0; index < policies.Count; index++)
                {
                    var policy = policies[index];

                    // the policy id names the extension element, so policies without one are skipped.
                    if (string.IsNullOrEmpty(policy.PolicyId))
                    {
                        continue;
                    }

                    switch (policy.TokenType)
                    {
                        case UserTokenType.IssuedToken:
                        {
                            // look up the issuer certificate id stored under the policy id.
                            var elementName = new XmlQualifiedName(policy.PolicyId, Namespaces.OpcUa);
                            var issuerId = configuration.ParseExtension<CertificateIdentifier>(elementName);

                            if (issuerId == null)
                            {
                                Utils.Trace(
                                    Utils.TraceMasks.Error,
                                    "Could not load CertificateIdentifier for UserTokenPolicy {0}",
                                    policy.PolicyId);

                                continue;
                            }

                            // NOTE(review): the id is not used beyond this check; no validator or resolver
                            // for issued tokens is created in this method.
                            break;
                        }

                        case UserTokenType.Certificate:
                        {
                            // look up the trusted issuer list stored under the policy id.
                            var elementName = new XmlQualifiedName(policy.PolicyId, Namespaces.OpcUa);
                            var trustedIssuers = configuration.ParseExtension<CertificateTrustList>(elementName);

                            if (trustedIssuers == null)
                            {
                                Utils.Trace(
                                    Utils.TraceMasks.Error,
                                    "Could not load CertificateTrustList for UserTokenPolicy {0}",
                                    policy.PolicyId);

                                continue;
                            }

                            // trusts any certificate in the trusted people store.
                            // NOTE(review): trustedIssuers is never handed to the validator, so the list configured
                            // for this policy does not restrict which user certificates are accepted - confirm
                            // that this is the intended trust anchor.
                            _certificateValidator = CertificateValidator.GetChannelValidator();
                            break;
                        }
                    }
                }
            }
        /// <summary>
        /// Builds the validator for X.509 user identity tokens when the server offers a certificate token policy.
        /// </summary>
        /// <param name="configuration">Application configuration that supplies the user token policies and the security configuration naming the user certificate stores.</param>
        /// <remarks>
        /// <c>m_userCertificateValidator</c> is assigned only when both <c>TrustedUserCertificates</c> and
        /// <c>UserIssuerCertificates</c> are configured; otherwise it is left unchanged.
        /// </remarks>
        private void CreateUserIdentityValidators(ApplicationConfiguration configuration)
        {
            foreach (UserTokenPolicy policy in configuration.ServerConfiguration.UserTokenPolicies)
            {
                // only certificate token policies need a certificate validator.
                if (policy.TokenType != UserTokenType.Certificate)
                {
                    continue;
                }

                var security = configuration.SecurityConfiguration;

                // both user trust lists must be present in the configuration.
                // NOTE(review): when one is missing no validator is installed; the code that consumes
                // m_userCertificateValidator (not visible) should refuse X.509 user tokens in that case - confirm.
                if (security.TrustedUserCertificates == null ||
                    security.UserIssuerCertificates == null)
                {
                    continue;
                }

                var validator = new CertificateValidator();

                // blocks the calling thread until the update started by this call has completed.
                validator.Update(security).Wait();

                // hands the user issuer, trusted user and rejected stores to the validator.
                validator.Update(
                    security.UserIssuerCertificates,
                    security.TrustedUserCertificates,
                    security.RejectedCertificateStore);

                // every matching policy overwrites the field, so the last certificate policy wins.
                m_userCertificateValidator = validator.GetChannelValidator();
            }
        }
Beispiel #5
 /// <summary>
 /// Creates the objects used to validate the user identity tokens supported by the server.
 /// </summary>
 /// <param name="configuration">Application configuration that supplies the user token policies and the security configuration naming the user certificate stores.</param>
 /// <remarks>
 /// <c>_certificateValidator</c> is assigned only when both user certificate stores are configured;
 /// otherwise it keeps its previous value.
 /// </remarks>
 private void CreateUserIdentityValidators(ApplicationConfiguration configuration)
 {
     foreach (UserTokenPolicy policy in configuration.ServerConfiguration.UserTokenPolicies)
     {
         // a validator is only needed for certificate token policies.
         if (policy.TokenType == UserTokenType.Certificate)
         {
             var security = configuration.SecurityConfiguration;

             // both user trust lists must be present in the configuration.
             // NOTE(review): when one is missing no validator is installed; the code that consumes
             // _certificateValidator (not visible) should refuse X.509 user tokens in that case - confirm.
             if (security.TrustedUserCertificates != null &&
                 security.UserIssuerCertificates != null)
             {
                 var userValidator = new CertificateValidator();

                 // blocks the calling thread until the update started by this call has completed.
                 userValidator.Update(security).Wait();

                 // hands the user issuer, trusted user and rejected stores to the validator.
                 userValidator.Update(
                     security.UserIssuerCertificates,
                     security.TrustedUserCertificates,
                     security.RejectedCertificateStore);

                 // set custom validator for user certificates; a later certificate policy replaces it.
                 _certificateValidator = userValidator.GetChannelValidator();
             }
         }
     }
 }