View Issue Details

IDProjectCategoryView StatusLast Update
000776410000-018: Role-Based SecuritySpecpublic2022-03-11 14:57
ReporterMatthias Damm Assigned ToMatthias Damm  
PrioritynormalSeverityminorReproducibilityhave not tried
Status closedResolutionfixed 
Product Version1.05.01 
Target Version1.05.02 RC1Fixed in Version1.05.02 RC1 
Summary0007764: Should it be allowed to remove user that is the user of the current session
Description

UserManagementType::RemoveUser can be called by an authorized administrator.

What happens if the user is removed that is used for the session that calls RemoveUser?

I think this should not be allowed and the Method should return an error like BadInvalidSelfReference in this case.

TagsNo tags attached.
Commit Version
Fix Due Date

Activities

Matthias Damm

2022-03-10 08:43

developer   ~0016289

Added clarification:
If the user of the Session used to call the Method is to be removed, the Method shall fail with Bad_InvalidSelfReference.
And Method result:
Bad_InvalidSelfReference The user to remove is used by the Session used to call the Method.

Fixed in:
OPC 10000-18 - UA Specification Part 18 - Role-Based Security 1.05.02 Draft1.docx

Jim Luth

2022-03-11 14:57

administrator   ~0016345

Agreed to changes in Virtual F2F. Label as Errata.

Issue History

Date Modified Username Field Change
2022-02-22 20:41 Matthias Damm New Issue
2022-02-22 20:47 Matthias Damm Description Updated
2022-03-10 08:43 Matthias Damm Assigned To => Matthias Damm
2022-03-10 08:43 Matthias Damm Status new => resolved
2022-03-10 08:43 Matthias Damm Resolution open => fixed
2022-03-10 08:43 Matthias Damm Note Added: 0016289
2022-03-11 14:57 Jim Luth Status resolved => closed
2022-03-11 14:57 Jim Luth Fixed in Version => 1.05.02 RC1
2022-03-11 14:57 Jim Luth Note Added: 0016345