Versions Compared

Old Version 109

changes.mady.by.user user-8416b

Saved on

compared with

New Version Current

changes.mady.by.user Paulo Tsuchiya

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.


HTML
<style>
.text-span-6 {
    background-image: linear-gradient(99deg, rgba(170, 163, 239, .5), rgba(125, 203, 207, .5));
    border-radius: 50px;
    padding-left: 15px;
    padding-right: 15px;
}

#title-text {
display: none;
}

.panelgradient {
    background-image: linear-gradient(180deg, #d5def0, whitesmoke);
    border-radius: 8px;
    flex-direction: column;
    justify-content: center;
    align-items: center;
    padding: 4rem;
    display: flex;
    position: relative;
}

</style>


<div class ="panelgradient">

<h1 style="text-align: center;">Security <br> (Users, Roles, and AD/LDAPRoles)</h1>

</div>



Introduction to the Security Module

Image Added

The Security

module

Module ensures the safety and integrity of your projects.

Here You CanSome of the key features include:

  • Managing user access, roles, and permissions. 
  • Controls who can access, view, and modify project solution components. 
  • Controls who can manage runtime user interactions with displays and actions.

Image Added

On this page:

Table of Contents
maxLevel3
minLevel2
styleNone

Key Concepts and Terms

The Security Module secures the data exchange between the platform and external databases.

Panel
bgColor#ffffff

defines the Users allowed to use or modify solution, and their Roles, Permission, and Security Policies. The definition of users can be created locally using the platform tools or executed in connection with external definitions such as Active Directory, LDAP servers, or external SQL databases.

Users

Anyone accessing the

project

solution, either in engineering (Designer Tool) or in runtime mode (Displays).

panel

bgColor#ffffff

Permissions

Permissions are set levels of access for each user that determine what they can

/

or cannot do within the

software

solution.

Panel
bgColor#ffffff

Policies

Policies manage requirements on User Identification and Session

control

Control.

PanelbgColor

#ffffff

RuntimeUsers

These users are created and retrieved from an external encrypted SQL database or other identification servers.

Understanding the Security Module

What the Security Module Enables

User roles management

User Roles Management:Managing user roles involves assigning a role to each user that defines their level of access to various project components of the solution. Each role has its permissions, which can be customized to meet the security requirements of your organization.

Managing External Users (Runtime Users)

:External Users in this context refers to users who are not part of the organization but need access to specific project components, such as components of the project. This can include contractors, clients, or third-party vendors.  

Securing Project Settings: The module provides tools to secure project settings by assigning Permissions and Policies. 

These users are typically managed via RuntimeUsers or integration with Active Directory and LDAP.

Securing Solution Configuration

The platform provides several tools to secure the solution configuration itself.  By assigning Permissions and Policies, administrators can control which users have access to specific modules, editors and documents. This ensures that only authorized users can make changes on each part the solution configuration.

Securing Runtime Execution

Securing runtime involves managing Securing Runtime: Managing user sessions in client displays involves by setting password requirements, session restrictions, and e-signature settings. The platform allows administrators to monitor client connections and manage active sessions.

Users, Permissions and Policies Summary

For a summary of the Security Configuration, go to Security Overview, which presents the basic configuration steps and properties for Users, Permission and Policies

The next section presents the configuration of those elements in further details.

Configuring the Security Module

Configuration Workflow

Each user User is assigned to a Security Group defined in set of Permissions and a to a Session Policy configured in the Policies.

Security module configuration workflow

Security Configuration Interfaces

Action

Where 

Edit Users

Security

/ Users

Define security Permissions

Security

/ Permissions

Define security Policies 

Security

/ Policies

Manage RuntimeUsers

Security

/ RuntimeUsers

RuntimeUsers

Runtime Users are either defined in an external database or created dynamically using the CreateUser method. They can log in and use remote operation displays similarly to users specified in the Project solution configuration.

→ Read more about RuntimeUsers properties.

AD/LDAP Integrations

Windows AD Integration

The platform can automatically execute user credentials validation and user connection identification using native Windows Active Directory integration, available for users connecting from Windows operating systems.

→ Read more about Windows AD / LDAP Server.

AD/LDAP Server Integration

When Windows AD integration is unavailable, automated identification can still be achieved using a business server-defined LDAP server.

→ Read more about Windows AD / LDAP Server.

Working with the Security Module

Customizing Login Procedures

Modify the login page, fine-tune user validation, and incorporate custom logic into the client startup ScriptTask process for a tailored login experience.

Further User management can also be execute on Scripts.

→ Read more on Scripts, Handling Security

Applying Security to Displays

Regulate user access and interactions within displays, either by protecting the entire display, or specific commands or elements within each display.

Display Edit or Run Security

The configuration table Displays / List, has the columns EditSecurity and RunSecurity that allow to define the PermissionGroups allowed to configure, or open in runtime, each displays. 

Security within the Display

When drawing the solution User Interface, there is a Dynamic Property specifically to apply security to any Input the operator may do at the display.

→ Read more on Drawing User Interfaces / Dynamics and UI Elements, the Security Dynamic configuration. 

Security Runtime Attributes

The Securitynamespace has contains all the runtime information regarding the security system. The Clientobject has information about the current user logged at that client station

:

.

Examples

Client.Username

The property is the name of current logged user.

Client.CurrentUser
Reference to a

References the data structure with all the information of the currently logged-in user.


To learn about the basic concepts of namespaces and objects, you can refer to Read more about Objects and Namespaces.

Working with the Security Module

Runtime Execution

→ Read more about Security Runtime Execution.

Monitoring Clients Connections

Track and manage active connections, enabling efficient troubleshooting and resource allocation.

? Read more about Monitoring Client Connections.

Customizing Login Procedures

Modify the login page, fine-tune user validation, and incorporate custom logic into the client startup process for a tailored login experience. 

? Read more about Customizing Login Procedures.

Managing Users on Displays and Scripts

Regulate user access and interactions within displays and scripts to promote a secure and efficient work environment.

→ Read more about Managing Users on Displays and Scripts.

Anchor
BestPractices
BestPractices
Best Practices and Troubleshooting

Best Practices and Recommendations:

  • Regularly update your user list and their associated permissions to maintain security.
  • Conduct periodic audits of user accounts and permissions, making necessary updates and removing inactive users.
  • Enforce strong password policies to enhance security.
  • Require complex passwords that include uppercase and lowercase letters, numbers, and special characters. Encourage regular password changes.
  • Keep your system up-to-date with patches and updates.
  • Regular updates often include security enhancements and fixes. Ensure your system is up-to-date to benefit from these improvements.

Troubleshooting and

Troubleshooting and Best Practices

Troubleshooting and

Common Issues:

  • User Cannot Log In: Ensure the user is entering correct login credentials. Check if the user's account is active and not blocked or flagged as deleted. If the problem persists, contact your system administrator.
  • Permission Denied Error: Check the user's assigned Permissions. Ensure they have the necessary access rights to perform the desired action. Update their Permissions or assign them to a different user group if necessary.

In this section:

Page Tree
root@self
spacesV10

Best Practices and Recommendations:

  • Regularly update your user list and their associated permissions to maintain security
  • Conduct periodic audits of user accounts and permissions, making necessary updates and removing inactive users.
  • Enforce strong password policies to enhance security.
  • Require complex passwords that include uppercase and lowercase letters, numbers, and special characters. Encourage regular password changes.
  • Keep your system up-to-date with patches and updates.
  • Regular updates often include security enhancements and fixes. Ensure your system is up-to-date to benefit from these improvements.

What's Next?