Hello everybody.
I am going to connect a third party opc-ua client to the Ignition OPC UA server (Ignition 8.1.38 standard version). I am interested in not alow the tags writting property, i have tried to set by opc client, opc connection, the read only parameter but it doesn´t look to work because the opc client can write without any restriction.
I have read in this foro that althougt it´s not documented if you create a role with ReadOnly it would works too but not i haven´t got it.
Any idea?
Thank you very much
Kind regards.
1 Like
There’s no access control in the server right now. We’re adding Roles and Permissions support in 8.3.
The changes you made in your first screenshot are for a connection, not for the server itself.
1 Like
Eduardo,
How many tags does the OPC client needs access to?
If you want to set based on user, you're probably best setting individual rights on the tags themselves. Though if you have a lot it can be a pain
This is actually only partially true. There's no access control to the Devices exposed by the server.
Tags from exposed Tag Providers to take into account the user connected to the server and any tag permissions that are configured, though this often means some configuration is needed since the OPC UA server is using its own isolated user source by default.
Can you please expand on this distinction?
You can define OPC UA connections to any OPC UA server, not just Ignition's OPC UA server. What you are doing is making operations against that connection Read Only.
These connections have nothing to do with a 3rd party OPC UA client making a connection to Ignition's OPC UA server.
3 Likes
