Protecting HMI with a Password
It is possible to lock the whole HMI or certain parts of it with a password in order to make sure that only authorized users will be able to modify a running program in the production environment.
Creating Password Protected Panels
In order to make some area of HMI locked for unauthorized users you need to add the PasswordPanel control from the Password Protection category to your HMI. Then, you should add all HMI controls that you wish to be password protected into the PasswordPanel (in exactly the same way as you would do with a regular panel). When you run such a program you will see a login screen instead of the content of the PasswordPanel (the controls inside the panel will not be visible) and only when you log in the content of the panel will be unlocked (it will become visible). Please note that you can create several password protected areas in your HMI, each with its own users list, e.g. to distinguish the administration panel from a regular worker's panel. The controls which should be available for everyone without providing a password should be placed in HMI outside of any PasswordPanels.
After you log in to the PasswordPanel, you can log out of it (lock its content) in the following ways:
- by clicking the LogoutButton control placed inside PasswordPanel (you can add it from the Password Protection category),
- by clicking the Esc key when keyboard focus is on a control inside PasswordPanel (and when UseEscToLock property of PasswordPanel control is set to True),
- by clicking the Ctrl+L key combination when keyboard focus is on a control inside PasswordPanel.
You will be also automatically logged out after the period of time defined in the AutoLockTimeout property (in seconds) of the PasswordPanel control if the system input has been idle for that period of time (no keystrokes or mouse clicks/moves).
Managing Users and Passwords
Users with access to HMI PasswordPanel are identified by user name and password pairs. User names must be unique and are case insensitive. User password must be at least 4 letters long and is case sensitive. Multiple users identified by different user names can be given access to a single PasswordPanel. Credentials are stored in a separate *.avuser files (stored outside of .avproj project files or .avexe executable files). You need to assign such a file to each PasswordPanel control to determine which users should have access to a given area. You do this by setting the CredentialsFileName property of the PasswordPanel control to the path pointing to the .avuser file. An *.avuser file can be created and edited in the following ways:
- by right clicking the PasswordPanel control in the HMI editor and choosing Edit Credentials... (this will open an existing file assigned to the control, if any, and set the CredentialsFileName property to the newly saved file path),
- by choosing Tools » Edit HMI User Credentials File... in Adaptive Vision Studio's main menu,
- by running the AdaptiveVisionUserCredentialsEditor.exe application from the Adaptive Vision Studio Runtime's catalog.
Please note that user passwords are stored in a hashed form and thus it is not possible to read the current password of a user (it is only possible to set new password for an existing or new user).
When moving your project to a different computer, please remember to copy also the *.avuser files and check if their paths are correct (absolute or relative, as set in the CredentialsFileName property). You need to copy these files even when you generate a runtime executable file (*.avexe) from your project because they are not exported to *.avexe files. Ensuring that is crucial as when *.avuser files are not found you will not be able to unlock the password protected area.
It is also possible to share your *.avuser file through network using file sharing (in such case be sure to share files as read-only). This gives ability to quickly edit user access right inside production environment in a single location on a server by a system administrator. To use credentials file shared in a network CredentialsFileName property must be set to an absolute network share path (e.g. "\\MyServer\MyPath\MyCredentialsFile.avuser").
Password Protection in the Production Environment
Please note that it is not enough to just copy your project files (or an *.avexe file) and *.avuser files to the production environment machine to ensure that your program cannot be modified by unauthorized users. This is because *.avuser files and application project files can be modified or overwritten, modifying user credentials or removing password protection. In order to prevent that, you should properly configure the production machine:
- system administrator must have a password,
- a normal non-administrative user (logged in during vision system runtime) should not have permissions to modify the project catalog and the files it contains, including .avuser file.
A simple solution to fulfill these requirements on Microsoft Windows is to place application project files in a folder created with default inherited permissions inside Program Files directory (administrator rights will be required) and to work on production machine using non-administrative user account.
In such configuration it is still possible to edit your *.avuser file by authorized staff (for example to periodically change passwords) when you run AdaptiveVisionUserCredentialsEditor.exe with the system administrator privileges.
Multi-level password protection
Adaptive Vision Studio allows for creating HMI with multi-level password protection. Besides the user name and password a *.avuser file also stores user's access level, which is an integer number between 0 and 255. When creating a multi-level protected HMI you can determine the minimum access level that is required to log in to each protected area. What is worth mentioning, you can create several PasswordPanels or even one inside another, and assign to them the same *.avuser file.
The multi-level password protection is typically used in applications with at least two PasswordPanels and at least two access levels, as in the example below.
The unlocked area for the unauthorized users is only used for displaying the result of inspection.
The first protected area has the RequiredAccessLevel set to 0. It contains controls for setting parameters such as the name of an inspected element, the region of interest and the maximum error of a measurement. The values of these controls can be set by a factory foreman, having access level 0.
The second protected area is locked even for a Foreman user, since its RequiredAccessLevel is set to 1, thus only users with higher access level are able to see its content. In this particular example such user is a Supervisor. Moreover, a Supervisor user is able to log into both the ForemanArea and the SupervisorArea at the same time.
Per-control multi-level protection
Besides putting the protected controls inside a PasswordPanel control, it is also possible to define the minimum required user access level for each control individually. After adding a PasswordPanel control to the HMI project (e.g. named "passwordPanel1") all other controls will receive a new extended property UserAccessLevel (e.g "UserAccessLevel on passwordPanel1", one property for each PasswordPanel in the project). By default the value of this property is empty (equal to Nil), which means that the control does not have a user level requirement and its Enable state is not affected. By setting the value equal or greater than 0, the control becomes password protected and will be disabled (its Enable property will be set to False) until a user with an equal or greater access level will log in on the associated PasswordPanel.
Please note that when using the UserAccessLevel property on a control, the control's Enable state cannot be changed in any other way. This includes associating EnabledManager with it or connecting to its Enable property, as the methods would interfere with each other.
Also note, that the control is not required to be placed inside a PasswordPanel container to be able using the UserAccessLevel property. This allows for separating the protected controls from the password panels and allows for creating more flexible HMI designs.
All events related to each PasswordPanel are displayed in the console window and saved to the application log file. Description of the following events is saved:
- user logged in,
- user logged out,
- username or password was invalid,
- user access level was lower than the RequiredAccessLevel.
Moreover, at the moment the user is logging out, the values of all HMI controls within the protected area are also saved. This makes it possible to conduct audit trials about who changed particular parameters and at what time.
|Previous: Saving State of HMI Controls||Next: Creating User Controls|