Open Automation Software
Moving Data From Anywhere to Anywhere
1-303-679-0898

Getting Started – Security

Security can be implemented to restrict modifying configuration parameters and limit real-time and historical data access.

View the video – Security Setup or follow the basic steps that follow to learn how to setup security for Open Automation Software.

For a complete list of all Security properties refer to the OAS Configuration – Security section in this help file.

Step 1

Getting Started-Tags 1Start Configure OAS application.

 

 

Step 2

Select Configure-Security.

Getting Started-Security 1

Step 3

Select the Local OAS Service by selecting the Select button or the Local node in the service tree to the left.

Getting Started-Tags 3

Getting Started-Tags 4

Step 4

The Default Security Group contains all of the security default settings if a remote client application is not logged and is connected to the service.

The Enable All Features selection will enable all features for security access.

You can add multiple Security Groups, each one having its own security settings.

You then define Security Users with Configure-Users to assign a Security Group to a User. You cannot define the Default Security Group to a User.

Step 5

Logging Group Tags Properties 2The Common properties are general features that are common to the entire OAS Service that can be restricted.

 

Modify Tag 1The Tags properties are the different types of methods that can be performed on the real-time Tag database.

 

Modify Tag 1The Read Tags properties provide the feature to disable or enable real-time data access to Tags. You can either Disable All Tags From Reading and then Enable specific Tags, or leave all Tags for reading, but just Disable specific Tags.

 

Modify Tag 1The Read Tags properties affect real-time data access from HMI controls like OAS WPF HMI .NET, OAS WinForm HMI .NET and OAS Web HMI, but also restrict real-time Trending and Data Logging.

 

Modify Tag 1The Write Tags properties limit client applications from writing to Tags.

 

Getting Started-Security 2The Trends properties are for a few specific name retrieval functions.

 

Getting Started-Security 2The Trend RealTime properties help to limit access for real-time trending.

 

Getting Started-Security 2The Trend History properties allow restriction of history replay from clients.

 

Getting Started-Data Logging 15The Data Log properties limit data logging configuration parameters from access and modification.  To limit the actual data being logged use the Read Tags properties.

 

Tag Parameters 2The Alarms properties limit obtaining the Alarm Group Names defined in the Service.

 

Tag Parameters 2The Alarm Ack properties limit the ability to acknowledge alarms based on alarm priority and Alarm Groups.

 

Tag Parameters 2The Alarm RealTime properties limit the ability to access the current alarms based on alarm priority and Alarm Groups.  This also restricts Alarm Logging.

 

Tag Parameters 2The Alarm History properties limit the ability to access historical alarms from a database based on alarm priority and Alarm Groups.

 

Getting Started-Data Logging 15The Alarm Log properties limit alarm logging configuration parameters from access and modification. To limit the actual alarms being logged use the Alarm RealTime properties.

 

Tag Parameters 2The Alarm Notification properties limit alarm notification configuration parameters from access and modification.

 

Configure ReportsThe Reports properties limit report configuration parameters from access and modification.

 

Add RecipeThe Recipes properties limit the recipe configuration parameters from access and modification.

 

Getting Started-Security 3The Security properties limit the security configuration parameters from access and modification.

 

Getting Started-Security 4Warning: Make certain to first add a Security Group to all access and modification to the security configuration and add a User assigned to the new Security Group before disabling access and modification of Security in the Default Group.

 

Getting Started-Security 5The Options 1, 2, and 3 properties are to limit access of the parameters found under Configure-Options.

 

Step 6

Getting Started-Security 6Once you have defined a new Security Group select Configure-Users to define User Names, Passwords, and Security Groups defined to each user.

 

Step 7

In order to save your Security and User configuration select the Save button on the toolbar at the top and use your desired file name.

Getting Started-Tags 19

Set the Default Security Configuration to load under Configure-Options.

Step 8

Under Configure-Options note the two (2) following properties:

  1. Security User Name for Service
  2. Security Password for Service

These properties will allow the OAS Service to run under this defined user account to give remote client access privileges for Read Tags for Calculations and Data Logging, and for Realtime Alarms for Alarm Logging. This is important if the remote OAS Services have Security restrictions for these features.

Step 9

Getting Started-Security 7Refer to the VB.NET Example on how to programmatically login to multiple client components in a Visual Studio Application. You can also use the LogIn icon on the Trend and Alarm Controls individually. This code is in the FormMain code of the VB.NET Example.

The OPC Contrrols.NET LogIn and LogOff methods are found in the OPCControlsLogIn control that will control user access for all OPC Controls components used in a Visual Studio application. The ShowUserLogIn method displays a Log In dialog for security access log in. You can also obtain the Current User with the CurrentUser function.

The OAS Trend .NET component has LogIn and LogOff methods to use for programmatic interface, but also a LogIn icon that can be displayed on the toolbar.

The OAS Alarm .NET component has LogIn and LogOff methods to use for programmatic interface, but also a LogIn icon that can be displayed on the toolbar.

The OAS Web HMI OPCWebRefresh contains the LogIn and LogOff methods for controlling for a specific web page.

The OAS Web Trend control has LogIn and LogOff methods.

The OAS Web Alarm control has LogIn and LogOff methods.

The OPC Systems Component used for programmatic interface of all configurations has LogIn and LogOff methods.

Step 10

The Configure OAS application has a Log In selection on the main menu in order to grant access privileges to a service with security protection. It is important to know that features like CSV Import and Export may be restricted based on the security policy of the OAS Service it is connected to.