View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0010403 | CTT UA Test Case | 4 - Test Case Definition | public | 2025-07-01 10:13 | 2025-07-08 06:42 |
| Reporter | Sebastian Allmendinger | Assigned To | Sebastian Allmendinger | ||
| Priority | normal | Severity | minor | Reproducibility | have not tried |
| Status | resolved | Resolution | duplicate | ||
| Summary | 0010403: Security User Name Password / 006: Expected result needs to be updated | ||||
| Description | The test case expects a server to reject a Username-UserToken if no nonce is appended. The expected error codes are: Bad_UserAccessDenied and Bad_IdentityTokenRejected. | ||||
| Additional Information | https://reference.opcfoundation.org/Core/Part4/v105/docs/7.41.2.1 To prevent the leakage of information useful to attackers, Servers shall ensure that the process of validating UserIdentityTokens completes in a fixed interval independent of whether an error occurs or not. The process of validation includes decrypting, check for padding and checking for a valid nonce. If any errors occur the return code is Bad_IdentityTokenInvalid. | ||||
| Tags | No tags attached. | ||||
| Files Affected | |||||
| duplicate of | 0010414 | assigned | Alexander Allmendinger | Username Password / 006 needs to expect BadUserIdentityTokenInvalid |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2025-07-01 10:13 | Sebastian Allmendinger | New Issue | |
| 2025-07-02 11:43 | Paul Hunkar | Assigned To | => Sebastian Allmendinger |
| 2025-07-02 11:43 | Paul Hunkar | Status | new => assigned |
| 2025-07-08 06:42 | Sebastian Allmendinger | Relationship added | duplicate of 0010414 |
| 2025-07-08 06:42 | Sebastian Allmendinger | Status | assigned => resolved |
| 2025-07-08 06:42 | Sebastian Allmendinger | Resolution | open => duplicate |
