Implementing Custom Session Handling via MySQL for Compliance/Auditability

Hi everyone,

I have been working on a project at Teva Pharmaceuticals where I needed to move beyond the standard session management within Ignition to meet specific compliance and audit requirements.

We are currently leveraging an Ignition architecture that requires a more robust, persistent session-tracking mechanism than the default handles. I opted to build a custom session handling system using MySQL to bridge the gap between our manufacturing plant displays and our core data infrastructure.

The Approach:

  • Persistent Storage: Using MySQL to manage session states, ensuring that state information survives service restarts or failovers.

  • Auditability: Every session transition is logged to a specific compliance table, allowing for a clear trace of user activity across the plant floor displays.

  • Integration: Utilizing Scripting (Gateway scoped) to interact with the DB upon login/logout events, coupled with custom logic to validate active sessions.

The Challenge: I am curious to hear from others who have tackled custom session persistence in high-availability environments.

  • How are you handling the overhead of DB writes for every session change?

  • Have you encountered specific race conditions when scaling this across a distributed gateway environment?

  • Are there existing patterns in the Perspective module that you feel handle this more natively, or have others found that rolling their own MySQL-backed solution is the most reliable path for highly regulated environments?

I would love to trade notes on your implementation approaches and any lessons learned in ensuring these custom handlers don't introduce latency to the UI.

Thanks!

This reeks of AI regurgitation (see the forum rules) but I'll let it stand in case legitimate discussion happens anyways.

As for the topic at hand:
I would be hard pressed to imagine a hand-rolled session tracking mechanism being "more robust" than the one built in to Ignition, given that you would have to create it within the bounds of scripting (or via a custom module, if you're actually making a serious effort).
If you actually have a justification, go for it, but if anyone here has done such a thing, they're very unlikely to be willing to offer any wisdom for free.

Didn't IA publish a bit of a guide on how to comply to the pharma standards with Ignition, too?

You might also let everyone know here what compliance/auditing requirements you're trying to fulfill. It's possible it's already covered by existing functionality that you just need to enable (do you have auditing enabled already?)

My best guess since they mention pharma is 21 CFR Part 11 which IA already has multiple resources on