Can I autologin individuals when using AD/Internal Hybrid

I know, stupid question. Can I get around the security module we have chosen to use for the project for certian users?

I have a manager of the department that wants to either be able to save his password or auto log him in when he uses the fpmi application, but wants only the other members of his department to be able to get into the applicaion. We currently are using the AD/Internal Hybrid type so we don’t have to maintain a seperate password list for them. Will I need to switch security types to accomodate this person, or is there a way to code around it?

I don’t think you’re going to be able to accommodate him at all, unfortunately. I mean, without logging in, how is the application going to know that its this one special user that doesn’t need to log in?

Saving passwords is a possibility, but I’m not sure I like it for security reasons, especially given the shared computer environments that SCADA clients typically get installed in. I suppose it could be an option…

Thanks. That’s basically what I thought. The more I think about it, circumventing the security is just a bad idea. It’s either open to everyone, or it’s controlled access. I think we will let our network security guy handle this request and if it is something the manager can’t live with, I’ll change the security model.

Thanks for the feed back!

One thing that I should mention that might address this request is a concept called Single Sign On (SSO). With SSO, FactoryPMI would attempt to automatically log in using the current windows credentials (this would only work with an Active Directory-based authentication profile, and would only work on Windows clients).

We haven’t done much research into SSO with FactoryPMI, I’m not even sure its possible, but I’ll try to see if I can’t dig up some more information about it…

I’m going to bump this once to see if anything further has happened with SSO and I just missed it… :unamused:

Sorry, nothing more has happened on the SSO front. It is possible, but would take a bit of work on our part, and our development schedule is a bit full at the moment. Vote here if this feature is of interest to you.

We would be interested, as for some reason our “manager” users feel like logging into an application, once they are logged into our network, is too much extra work for them.
Thanks,
Ron

Put me on the list, too. This would definitely appeal to managers’ sense of lazy. :wink:

+1 For SSO!

Another +1 for SSO.

+1 Here also

Just wanted to post back here so you guys know your votes aren’t going into the ether!

+1

This is the one thing i always hear end users complaining about, and also the only feature available in Simatic WinCC that is not available in Ignition :astonished:

Our users use 6 monitor stations, and want to launch multiple instances. This means that they have to type their credentials up to 6 times.

+1 also.

Thank you.

+1… and if you do it for authentication profiles configured in Gateway and Designer, better.

Any specific plans for implementing this? Remember that all of us Ignition users are born unpatient (thats why we dont use Wonderware :laughing: ).

Great news for version 7.7! :thumb_right:


I’m just updating this post to confirm that SSO has been implemented in 7.7.0. You can read about it more in the 7.7 manual.