Пример #1
0
        /// <summary>
        /// Creates a session with the server that is independent of the network connection.
        /// </summary>
        public CreateSessionResponseMessage CreateSession(CreateSessionMessage request)
        {
            try
            {
                lock (m_lock)
                {
                    InitializeApplicationDescription();

                    // create a new session object.
                    Session session = new Session();

                    NodeId sessionId;
                    NodeId authenticationToken;
                    byte[] serverNonce;
                    double revisedSessionTimeout;

                    EndpointDescription endpoint = m_endpoints[0];

                    // the session object validates the incoming parameters and produces faults on error.
                    session.Create(
                        endpoint,
                        request.ClientDescription,
                        request.ClientCertificate,
                        request.SessionName,
                        request.RequestedSessionTimeout,
                        out sessionId,
                        out authenticationToken,
                        out serverNonce,
                        out revisedSessionTimeout);

                    // save the session.
                    m_sessions.Add(authenticationToken.Identifier, session);

                    // the server application must authenticate itself to the client by providing a signature.
                    // this process is redundant for applications using WS-SecureConversation with mutual certificate
                    // exchange, however, the UA specification requires this step to ensure that secure channel
                    // technologies such as machine-to-machine VPNs can be used instead without sacrificing the
                    // ability to identify the remote applications.

                    byte[] dataToSign = SecurityUtils.Append(request.ClientCertificate, request.ClientNonce);

                    SignatureData serverSignature = SecurityUtils.Sign(
                        m_serverCertificate,
                        endpoint.SecurityPolicyUri,
                        dataToSign);

                    // contruct the response.
                    CreateSessionResponseMessage response = new CreateSessionResponseMessage();

                    response.ResponseHeader             = CreateResponseHeader(request.RequestHeader);
                    response.SessionId                  = sessionId;
                    response.AuthenticationToken        = authenticationToken;
                    response.MaxRequestMessageSize      = request.MaxResponseMessageSize;
                    response.RevisedSessionTimeout      = revisedSessionTimeout;
                    response.ServerNonce                = serverNonce;
                    response.ServerCertificate          = m_serverCertificate.GetRawCertData();
                    response.ServerSignature            = serverSignature;
                    response.ServerEndpoints            = m_endpoints;
                    response.ServerSoftwareCertificates = new ListOfSignedSoftwareCertificate();

                    return(response);
                }
            }
            catch (Exception e)
            {
                throw CreateSoapFault(request.RequestHeader, e);
            }
        }