HTML |
---|
<style> .text-span-6 { background-image: linear-gradient(99deg, rgba(170, 163, 239, .5), rgba(125, 203, 207, .5)); border-radius: 50px; padding-left: 15px; padding-right: 15px; } #title-text { display: none; } .panelgradient { background-image: linear-gradient(180deg, #d5def0, whitesmoke); border-radius: 8px; flex-direction: column; justify-content: center; align-items: center; padding: 4rem; display: flex; position: relative; } </style> <div class ="panelgradient"> <h1 style="text-align: center;">Security <br> (Users, Roles, and AD/LDAP)</h1> </div> |
Introduction to the Security Module
The Security module ensures the safety and integrity of your projects.
Here You can Can:
- Managing user access, roles, and permissions.
- Controls who can access, view, and modify project components.
- Controls who can manage runtime user interactions with displays and actions.
On this page:
Table of Contents | ||||
---|---|---|---|---|
|
Key Concepts and Terms
The Security module's purpose is to ensure secure Module secures the data exchange between the platform and external databases. The concepts of Users, Permissions, Policies, and Runtime Users ease the Security module's understanding.
Panel | ||
---|---|---|
| ||
UsersAnyone accessing the project, either in engineering or runtime mode. |
Panel | ||
---|---|---|
| ||
PermissionsPermissions are set levels of access for each user that determine what they can/ cannot do within the software. |
Panel | ||
---|---|---|
| ||
PoliciesPolicies manage requirements on User Identification and Session control. |
Panel | ||
---|---|---|
| ||
RuntimeUsersThese users are created and retrieved from an external encrypted SQL database or other identification servers. |
Understanding the Security Module
User
roles managementRoles Management: Managing user roles in FactoryStudio involves assigning a role to each user that defines their level of access to various project components of the project. Each role has its permissions, which can be customized to meet the security requirements of your organization.
External Users
Definitions: External Users in FactoryStudio refers to users who are not part of the organization but need access to specific components of the project. This can include project components, such as contractors, clients, or third-party vendors. These users are typically managed via RuntimeUsers or integration with Active Directory and LDAP.
Securing Project Settings
FactoryStudio : The module provides several tools to secure project settings . By by assigning Permissions and Policies, administrators can control which users have access to specific project settings and features. This ensures that only authorized users can make changes to critical project settings..
Securing Runtime
Securing runtime involves managing : Managing user sessions in client displays by involves setting password requirements, session restrictions, and e-signature settings. FactoryStudio also allows administrators to monitor client connections and manage active sessions.
Configuring the Security Module
Configuration Workflow
Each user is assigned to a security group Security Group defined in Permissions and a session policy Session Policy configured in the Policies.
Permissions define the level of access users have for project configuration and client displays.
Policies, on the other hand, focus on managing user sessions in client displays, either WPF or HTML5, by setting password requirements, session restrictions, and e-signature settings.
Security module configuration workflow | |
---|---|
Action | Where |
Edit Users | Security → Users |
Define security Permissions | Security → Permissions |
Define security Policies | Security → Policies |
Manage RuntimeUsers | Security → RuntimeUsers |
RuntimeUsers
RuntimeUsers are a separate group of users who are Runtime Users are either defined in an external database or created dynamically using the CreateUser method, and they . They can log in and similarly utilize use remote operation displays similarly to the users specified in the Project configuration. See RuntimeUsers properties to explore the properties in detail
→ Read more about RuntimeUsers properties.
AD/LDAP Integrations
Windows AD Integration
Instead of validating the Users again, the credentials in the Project configuration and the identification of the User connection can be automatically executed using our The platform can automatically execute user credentials validation and user connection identification using native Windows Active Directory integration. This functionality in only , available for the Users users connecting from Windows operating systems.
→ Read more about For more information, see Windows AD / LDAP Server.
AD/LDAP Server Integration
When the integration with Windows AD integration is not available, it is still possible for an unavailable, automated identification can still be achieved using the a business server to define an -defined LDAP server to be used by the project. .
→ Read more about For more information, Windows AD / LDAP Server.
Security Runtime Attributes
The Security namespace has all the runtime information regarding the security system.
The Client
object has information about the current user logged at that client station:
Examples | |
---|---|
Client.Username | The property is the name of current logged user. |
Client.CurrentUser | Reference to a data structure with all the information of the currently logged-in user. |
To learn about the basic concepts of namespaces and objects, you can refer to Objects and Namespaces.
Working with the Security Module
Runtime Execution
For in-depth security runtime understanding, please explore the → Read more about Security Runtime Execution.
Monitoring Clients Connections
The Monitoring Client Connections empowers you to track Track and manage active connections. This functionality enables , enabling efficient troubleshooting and resource allocation for your project's needs. Please refer to the .
? Read more about Monitoring Client Connections for a comprehensive client connections understanding.
Customizing Login Procedures
The Custom Login Procedures enables you to modify Modify the login page, fine-tune user validation, and incorporate custom logic into the client startup process . This allows for a tailored login experience that suits your project's specific requirements. For a deeper understanding of how to customize login procedures and to examine detailed examples, please consult the .
? Read more about Customizing Login Procedures.
Managing Users on Displays and Scripts
The User Management on Displays and Scripts enables you to regulate Regulate user access and interactions within displays and scripts , promoting to promote a secure and efficient work environment. To acquire an in-depth understanding of user management on displays and scripts, please consult the
→ Read more about Managing Users on Displays and Scripts.
Troubleshooting and Best Practices
Table of Contents | ||||||
---|---|---|---|---|---|---|
|
Troubleshooting and Common
#IssuesThe Security module may encounter some issues in its operation. Here are some common issues and their solutionsIssues:
- User
- Cannot Log In: Ensure
- the user is entering
- correct login credentials. Check if the user's account is active and not blocked or flagged as deleted. If the problem persists, contact your system administrator.
- Permission
- Denied Error: Check the user's assigned Permissions. Ensure
- they have the necessary access rights to perform the desired action.
- Update their Permissions or assign them to a different user group if necessary.
Best Practices and
#RecommendationsTo ensure the smooth operation of the Security module, follow these best practicesRecommendations:
- Regularly update your user list and their associated permissions
- to maintain security
- Conduct
- periodic
- audits of user accounts and permissions
- , making necessary updates and
- removing inactive users.
- Enforce strong password policies to enhance security.
- Require
- complex passwords that include uppercase and lowercase letters, numbers, and special characters.
- Encourage regular password changes.
- Keep your system up-to-date with patches and updates.
- Regular updates
- often include security enhancements and fixes. Ensure
- your system is up-to-date to
- benefit from these improvements.
What's Next?
Security Runtime Attributes
The Security namespace has all the runtime information regarding the security system.
The Client
object has information about the current user logged at that client station:
Client.Username
Client.CurrentUser
To learn about the basic concepts of namespaces and objects, you can refer to Objects and Namespaces.
In this section:
Page Tree