We are trying to make data from our tag provider available to external OPC clients. With this setup we would like to control which data the external clients can see or not.
I am able to setup Ignition so I can connect with an external client and browse all the tags. But when I set Tag Read Permissions for a Tag Provider the OPC client fails to browse the Tag Providers directory. It remains possible to browse the Server and Devices directory.
When I setup the user with read permissions to all tag providers, then I am able to browse. But as soon as there is one tag provider with a different read permission that the user does not have I get the following error:
Browse failed for node : ns=2;s=Tag Providers. Error : BadNodeIdUnknown: The node id refers to a node that does not exist in the server address space.(0x80340000)
We eventually want to set it up in such a way that we can make OPC accounts for specific tag providers, giving external devices access to a specific subset of the tags in Ignition. I would expect that when performing a browse on the server the tags that the client has no permissions for would just not appear.
It also seems that the issue is also in the browsing. When manually adding the path I am able to read tags that I have permission for, and other tags return a unauthorized error.
Has anyone experience with a setup like this and whether this should work?
Thanks in advance!