Scale-out architecture, remote tag provider and write permission

Hi,

I have a project with a scale-out architecture with redundancy.
All tags are in the back-end gateway.
I added a write permission with the "Administrator" role, and there is no security zone on a tag.

When I'm logged into the front end, I can't write to the tag (designer and client) even if I have the role. But when I'm logged into the back end, I can write to the same tag.

I suspect that the user and/or the role in the front end is not being passed to the back end.
Is it a bug? Or maybe a configuration?

I always miss some configuration step, but usually I go back to this video and am able to clear it up pretty quickly.

Hi,

Thank you, but this is not my problem.
I can write a tag in a remote tag provider if this one has the write permission set to public. And the security zone is created and works well.

My problem is when I set the write permission to a role like this

I'm no longer able to write the tag into the remote tag provider.
It seems that the user's roles are not passed through the remote tag provider to the remote gateway, and then the remote gateway does not allow the write operation because the role is not respected.
From what I believe.

Under Config > Security > Service Security do you have "Trust Remote Security Levels" enabled?

2 Likes

Ah !!
It works now, thank you !

1 Like