I know, stupid question. Can I get around the security module we have chosen to use for the project for certian users?
I have a manager of the department that wants to either be able to save his password or auto log him in when he uses the fpmi application, but wants only the other members of his department to be able to get into the applicaion. We currently are using the AD/Internal Hybrid type so we don’t have to maintain a seperate password list for them. Will I need to switch security types to accomodate this person, or is there a way to code around it?
I don’t think you’re going to be able to accommodate him at all, unfortunately. I mean, without logging in, how is the application going to know that its this one special user that doesn’t need to log in?
Saving passwords is a possibility, but I’m not sure I like it for security reasons, especially given the shared computer environments that SCADA clients typically get installed in. I suppose it could be an option…
Thanks. That’s basically what I thought. The more I think about it, circumventing the security is just a bad idea. It’s either open to everyone, or it’s controlled access. I think we will let our network security guy handle this request and if it is something the manager can’t live with, I’ll change the security model.
One thing that I should mention that might address this request is a concept called Single Sign On (SSO). With SSO, FactoryPMI would attempt to automatically log in using the current windows credentials (this would only work with an Active Directory-based authentication profile, and would only work on Windows clients).
We haven’t done much research into SSO with FactoryPMI, I’m not even sure its possible, but I’ll try to see if I can’t dig up some more information about it…
Sorry, nothing more has happened on the SSO front. It is possible, but would take a bit of work on our part, and our development schedule is a bit full at the moment. Vote here if this feature is of interest to you.
We would be interested, as for some reason our “manager” users feel like logging into an application, once they are logged into our network, is too much extra work for them.
Thanks,
Ron
This is the one thing i always hear end users complaining about, and also the only feature available in Simatic WinCC that is not available in Ignition
Our users use 6 monitor stations, and want to launch multiple instances. This means that they have to type their credentials up to 6 times.