Database Athentication Profile

KDO · October 29, 2010, 5:19pm

Hello everyone I am fairly new to Ignition and have been tasked with setting this interface up in our production facility. We have generic usernames that will be used to log into certain production lines and I am looking to limit the number of times a username can be logged into a project. From what I have been told one of the ways to do this is with a DB profile and startup scripts. Does anyone have any experience in creating the DB table and startup scripts? Any help would be greatly appreciated. Thanks Ken

Carl.Gould · November 4, 2010, 9:02pm

There are 2 ways that you could accomplish this. One is easier but slightly ‘klunky’, the other is harder but cleaner.

Method 1
Don’t use the built-in log-in screen. Set the projects to auto-login with some system account that you create. Make your own login window that is the only window set to ‘Open on Startup’. Put a username, password, and “Login” button on it. In the “Login” button::

verify their credentials
make sure you don’t have too many of that username logged in
store in the database somewhere that they are logged in (relates to #2 )
issue a system.security.switchUser call.

Method 2
Use a database authentication profile’s expert mode. Write the Authentication Query to not only verify the credentials but also check how many users of that name are logged in. Use a client startup/shutdown script to do bookeeping on how many users are logged in. Hint: Make a basic database auth profile 1st, and then switch it to expert so that the tables get created for you.

AlThePal · November 5, 2010, 8:25am

We’ve also been asked to ensure users can only login on one View node at a time. The approaches Carl outlines look useful, but what happens when something goes wrong e.g. a View node is turned off without being shut down properly? In this case the shutdown script won’t run and the user will still be recorded as being logged in, stopping them from logging in anywhere else.

It would be nice for an administrator to be able to carry out the following functions:

Check who is logged in and where.
Send a message to an individual user or multiple users.
Force a View node to log out (as mentioned by Nathan in this post).

Any thoughts on achieving these functions?

nathan · November 5, 2010, 3:28pm

+1 to Al’s suggestions. It makes sense to me to implement all those admin functions together.

Carl.Gould · November 5, 2010, 5:22pm

Well you can do #1 right now via the Session tab of the Gateway’s Status section.

Those other ideas are good ideas - you could implement them yourself but it would be somewhat painful. I’ll make a note.