Role-Driven Client Security

On the simplest level, security settings can be applied to individual windows or components. Users with different roles can all view the same project from the client, but the functionality and readability can change based on the roles assigned to each users. Generally, higher level access provides full functionality to all contents of a project, and lower level access is restricted to generalized read-only privileges. However, client security settings are flexible enough to accommodate any security requirements.

Below we see the Security Settings panel in action. This panel is the interface that applies Ignition's built-in security settings. Security settings can be applied to a single component, multiple components simultaneously, or even a whole window. Users who should be allowed full access can be selected, and restrictions can be applied for users that should not have full access.

images/download/attachments/6035125/security_settings.PNG

Projects are assigned a User Source to authenticate against. All roles that have been defined in the User Source can be referenced in the client to block or allow access. Once roles have been created, you can easily start assigning component-specific security settings in the Designer.

images/download/attachments/6035125/project_properties.PNG

More information can be found on the Component and Window Security page.

Incorporating Scripting into Security

The component-based security settings are fairly simplistic: the user either has the required roles, or a restriction applied. In situations where consideration for access should go beyond a simple role check, security-based scripting can provide a larger degree of granularity. Information about the logged-in user, such as user-name or roles, can be detected by scripting, allowing for the creation of a robust security system.

images/download/attachments/6035125/scripting_in_security.PNG

More information can be found on the Security in Scripting page.

In This Section ...