×
Siemens Industry Online Support
Siemens AG
Entry type: FAQ Entry ID: 24182683, Entry date: 04/09/2009
(0)
Rate

How can you create a protected user screen without using user administration?

  • Entry
  • Associated product(s)

Instructions:
Often screens are configured that can only be operated or opened by people with "ADMIN" rights, for example. Such screens are those in which you can run user administration or screens via which the Control Panel of the panel or PC can be accessed. For example, the "Open Control Panel" function.

Now, if the administrator has forgotten his/her password or can no longer log on because of repeated incorrect entry of the password, for example, you have to reload the complete configuration once again into the panel in order to be able to reset the user administration to its original state. Under certain circumstances, in plants that are located abroad, for example, this could prove to be a problem, because the customer doesn't possess the technology required or doesn't have the latest software. 

Remedy:

  • As project author you create your own "service site" to which only you have access via a password without having to use any user administration.
  • Using the "ProSave" software you can backup/restore your passwords. 

Tip 1:
After commissioning you must always backup the "user administration". Save the data on a CF card, for example, or possibly in the flash memory of the operator panel. In this way you can always restore the "original state" if it should ever be necessary.
Please note that in this case all the passwords and user names changed subsequently will be overwritten.

Tip 2:
To the picture in which user administration is executed and which contains the user view, you add the "Cleared down" event that triggers the system function "ExportImportUserAdministration" for "Export". In addition, in the task planner, for the device settings you create a task with the event "1 hour". To this event you attach the system function "ExportImportUserAdministration" for "Import".
This ensures that all the changes in the user administration are saved. If users lock themselves out, they automatically get their original user rights back after 1 hour at the latest.

Example:
In the sample project attached you can only call a "protected" screen after the correct "value" has been entered in an I/O field.
Clicking on the "company logo" (1) opens an input field (2). By entering the correct "password" (value) a button is displayed via which you can call your configured "service site".
Configured on this "service site" is the "Import/Export" function of the user administration, for example. Furthermore, via a button you get to the "Control Panel", in which you can backup/restore the configuration or make other settings. This is particularly important if you have set the panel's "Autostart" to 0 seconds so that the user cannot access the "Control Panel" after a panel restart.


Bild 01

 

No. Procedure
1

"Plant Data" picture (Picture 1):
Create an "I/O Field" and assign a tag to it.
The tags doesn't need a controller connection.

2

Configure button with animation:
Configure a button via which you call the relevant screen (service site).

Under "Properties > Animation > Visibility" you assign the tag created under Point 1 to this button. Define a "range" in which the "animation" is to be active. This can be your defined "password".
In this example the value is "12345".

3 Function in Runtime:
In "Runtime", if the value "12345" is entered in the I/O field, the "Service Site" button becomes visible and you can call the "service site".

Note:
Please note that this procedure does not provide the user protection provided by a configured user administration and cannot substitute it!

4 Invisible button:
In this example there is also an invisible button located over the "logo" for displaying and hiding the "password input field".
5 "Service site" picture (Picture 2):
  • Via the "Import" button you can import an existing user administration.
  • Via the "Export" button you can export an existing user administration.
  • Via the "Control Panel" button you get to the panel's "Control Panel".
  • Via the "Back" button you can get back to the previous screen. Three functions have been configured on the button. Among other things they are for hiding the "password input field" again and for resetting the input to zero.

The attached download contains the archived project with the functions described above.

Attachment 1: Projekt_1.zip ( 1754 KB )

Runnability and test environment:
The following table lists the components that have been used to create this entry and verify the functions described.
 

Components Product and version designation
PC operating system Microsoft Windows XP SP2 Microsoft Windows XP SP2
Standard tools -- --
Engineering tools -- --
HMI software WinCC flexible 2005 SP1 WinCC flexible 2007 HF4
HMI devices MP370 Touch MP370 Touch
Controllers -- --

Keywords:
Passwords, Administrator