View Issue Details

Jump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
0007253Compliance Test Tool (CTT) Unified ArchitectureApi Changepublic2021-09-14 16:292024-03-19 22:33
ReporterJim Luth Assigned ToAlexander Allmendinger  
PrioritynormalSeverityminorReproducibilityN/A
Status assignedResolutionopen 
Summary0007253: [Part 4] endpointUrl in createSession document unclear
Description

https://reference.opcfoundation.org/v104/Core/docs/Part4/5.6.2/
The documentation for the endpointUrl string states:

The network address that the Client used to access the Session Endpoint.
The HostName portion of the URL should be one of the HostNames for the application that are specified in the Server’s ApplicationInstanceCertificate (see 7.2). The Server shall raise an >AuditUrlMismatchEventType event if the URL does not match the Server’s HostNames. AuditUrlMismatchEventType event type is defined in OPC 10000-5.
The Server uses this information for diagnostics and to determine the set of EndpointDescriptions to return in the response.

Whereas the doc is clear about the necessity to raise a AuditUrlMismatchEventType, the doc is unclear on whether it is mandatory or not to specify a endpoint that strictly matches one of the exposed endpoint of the server.

Server can be addressed by hostname, fqdn , alias hostname and directly with IP address ...

For instance:

  • Prosys Demo Server will reject the connection if the endpointUrl provided in the createSessionRequest doesn't exactly match the endpointUrl of one of the exposed endpoint of the server with a ServiceFault BadServiceUnsupported.

  • UAAutomation CPPServer will accept the connection of the endpointUrl is opc.tcp://localhost:48010 our opc.tcp://192.122.122.14:48010 (with the server Ip address) or opc.tcp://HOSTNAME:48010 even though only opc.tcp://HOSTNAME:48010 appears in the endpoint descriptions.

Which behavior is correct ?

Also I am not sure that any CTT test verifies this aspect yet ...

If we decide that createSessionRequest must expose a known endpointUrl to the server. then we may have to provide the algorithm by which a client can reliably connect to the server if it only knows it IP address..:

  • open a connection using on one of the possible hostnaame/ipaddress , create a secureChannel
  • get the endpoints
  • close connection
  • find the exact end point matching the level of security required
    • open a new connection with the exact opc.tcp endpoint, create channel
  • create session with this exact endpoint URL
    • activate session , etc ...
TagsNo tags attached.
Files Affected

Relationships

related to 0006142 closedMatthias Damm 10000-004: Services [Part 4] endpointUrl in createSession document unclear 

Activities

Etienne Rossignon

2021-09-14 16:29

reporter   ~0014855

More over, some client may add a extra "/" at the end of the URI, and the server might not define endpoint with a trailing "/" causing issue for endpoint matching .

May be adding a clear of rules for endpoint uri matching would be appropriate.

Etienne Rossignon

2021-09-14 16:29

reporter   ~0014856

endpoint URI matching also affects PART 4 5.4.4

5.4.4 GetEndpoints 5.4.4.1 Description
A Client may reduce the number of results returned by specifying filter criteria based on LocaleIds and Transport Profile URIs. The Server returns an empty list if no Endpoints match the criteria specified by the client. The filter criteria supported by this Service are described in 5.4.4.2.

Jim Luth

2021-09-14 16:30

administrator   ~0014857

Check if CTT tests this.

Alexander Allmendinger

2024-03-19 22:33

developer   ~0020961

This issue has been discussed in the UA WG on 19th of March 2024. It was decided to deprecate the Audit event and to remove the requirement (see original mantis for more details).
To do in this mantis issue: Ensure that we have no test cases defined which validate this behavior or if so deprecate the test cases.

Issue History

Date Modified Username Field Change
2021-09-14 16:29 Jim Luth New Issue
2021-09-14 16:29 Jim Luth Issue generated from: 0006142
2021-09-14 16:29 Jim Luth Note Added: 0014855
2021-09-14 16:29 Jim Luth Note Added: 0014856
2021-09-14 16:29 Jim Luth Relationship added related to 0006142
2021-09-14 16:30 Jim Luth Note Added: 0014857
2021-09-14 16:30 Jim Luth Project 10000-004: Services => Compliance Test Tool (CTT) Unified Architecture
2021-09-14 16:30 Jim Luth Category Spec => Api Change
2021-09-26 03:53 Paul Hunkar Assigned To => Alexander Allmendinger
2021-09-26 03:53 Paul Hunkar Status new => assigned
2024-03-19 22:33 Alexander Allmendinger Note Added: 0020961