Security
Configuring Security is a 2-part process that includes setting up your OAS Server Security Groups, and then applying access rights to those groups within the UIEngine.
Server Security
UIEngine security is based on OAS Server security groups, so the first step in providing access is to set up OAS Security Groups and Users.
Open the OAS Configuration tool, which is installed with the server, to set up a security group and user that will be used to log into the UIEngine.
Create a Group
From the top-level menu, select Configure > Security and if not already connected, enter the location of the OAS server you'd like to configure and then click SELECT.
Enter a name for the Security Group you'd like to create in the Group Name field. This can be anything except "Default", which is a reserved group name. The Security Group is where you apply access to Tags for reading and writing, and this will be carried into the UIEngine as well. The example below shows the creation of a UIEngine Admins group for granting full access to all features on the OAS Server. This is done by checking Enable All Features. For other groups, such as Operators, etc. you should not grant access to all features.
Within the UIEngine tab, you then select the access level for the Group.
Access Level | Description |
---|---|
No Access | Cannot log in or use the UIEngine |
Access | Can log into the UIEngine, but additional project and screen access must be granted within the application |
Admin | Full UIEngine administrative access to add/edit any project and screen within the application |
Click Add Group and your new security group will be added to the list.
Create a User
Now select Configure > Users to create a new login credential.
Enter a User Name and Password that you can easily remember, and select the Security Group you previously created.
Click Add User and your new user will be added to the list.
Project/Screen Access
Once you have created OAS Server Security Groups and Users above, you can now use these accounts to log into the UIEngine. Administrators can configure Project and Screen level access to other Security Groups.
See Security Configuration for more detail
Public Mode
In some scenarios, you may want to provide public or semi-public access to screens so that users can see data without a login session.
Public Mode is activated when a screen marked Public is accessed directly and the user is not logged in. Within Public Mode, editing tools are not displayed. This is extremely useful for:
- Public Presentations
- Public Dashboards and HMIs such as live displays in a public place
- conference room screens
- manufacturing floor
- Public Information kiosks