Add authentication and role-based write access control
Implements configurable user authentication (anonymous + username/password) with pluggable credential provider (IUserAuthenticationProvider). Anonymous writes can be disabled via AnonymousCanWrite setting while reads remain open. Adds -U/-P flags to all CLI commands for authenticated sessions. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Joseph Doherty
@@ -20,6 +20,23 @@ dotnet run -- <command> [options]
|
||||
|
||||
`OpcUaHelper.ConvertValue()` converts a raw string from the command line into the runtime type expected by the target node. It uses the current node value to infer the type (bool, byte, short, int, float, double, etc.) and falls back to string if the type is not recognized.
|
||||
|
||||
## Authentication Options
|
||||
|
||||
All commands accept optional credentials for `UserName` token authentication:
|
||||
|
||||
| Flag | Description |
|
||||
|------|-------------|
|
||||
| `-U` / `--username` | Username for OPC UA `UserName` token authentication |
|
||||
| `-P` / `--password` | Password for OPC UA `UserName` token authentication |
|
||||
|
||||
When `-U` and `-P` are provided, `OpcUaHelper.ConnectAsync()` passes a `UserIdentity(username, password)` to `Session.Create`. Without credentials, an anonymous `UserIdentity` is used.
|
||||
|
||||
Example:
|
||||
|
||||
```bash
|
||||
dotnet run -- write -u opc.tcp://localhost:4840 -n "ns=2;s=MyNode" -v 42 -U operator -P op123
|
||||
```
|
||||
|
||||
## Commands
|
||||
|
||||
### connect
|
||||
|
||||
Reference in New Issue
Block a user