How can you create a protected user screen without using user administration?
Often screens are configured that can only be operated or opened by people with "ADMIN" rights, for example. Such screens are those in which you can run user administration or screens via which the Control Panel of the panel or PC can be accessed. For example, the "Open Control Panel" function.
Now, if the administrator has forgotten his/her password or can no longer log on because of repeated incorrect entry of the password, for example, you have to reload the complete configuration once again into the panel in order to be able to reset the user administration to its original state. Under certain circumstances, in plants that are located abroad, for example, this could prove to be a problem, because the customer doesn't possess the technology required or doesn't have the latest software.
- As project author you create your own "service site" to which only you have access via a password without having to use any user administration.
- Using the "ProSave" software you can backup/restore your passwords.
After commissioning you must always backup the "user administration". Save the data on a CF card, for example, or possibly in the flash memory of the operator panel. In this way you can always restore the "original state" if it should ever be necessary.
Please note that in this case all the passwords and user names changed subsequently will be overwritten.
To the picture in which user administration is executed and which contains the user view, you add the "Cleared down" event that triggers the system function "ExportImportUserAdministration" for "Export". In addition, in the task planner, for the device settings you create a task with the event "1 hour". To this event you attach the system function "ExportImportUserAdministration" for "Import".
This ensures that all the changes in the user administration are saved. If users lock themselves out, they automatically get their original user rights back after 1 hour at the latest.
In the sample project attached you can only call a "protected" screen after the correct "value" has been entered in an I/O field.
Clicking on the "company logo" (1) opens an input field (2). By entering the correct "password" (value) a button is displayed via which you can call your configured "service site".
Configured on this "service site" is the "Import/Export" function of the user administration, for example. Furthermore, via a button you get to the "Control Panel", in which you can backup/restore the configuration or make other settings. This is particularly important if you have set the panel's "Autostart" to 0 seconds so that the user cannot access the "Control Panel" after a panel restart.
"Plant Data" picture (Picture 1):
Configure button with animation:
Under "Properties > Animation > Visibility" you assign the tag created under Point 1 to this button. Define a "range" in which the "animation" is to be active. This can be your defined "password".
|3||Function in Runtime:|
In "Runtime", if the value "12345" is entered in the I/O field, the "Service Site" button becomes visible and you can call the "service site".
In this example there is also an invisible button located over the "logo" for displaying and hiding the "password input field".
|5||"Service site" picture (Picture 2):
The attached download contains the archived project with the functions described above.
Attachment 1: Projekt_1.zip ( 1754 KB )
Runnability and test environment:
The following table lists the components that have been used to create this entry and verify the functions described.
|Components||Product and version designation|
|PC operating system||Microsoft Windows XP SP2||Microsoft Windows XP SP2|
|HMI software||WinCC flexible 2005 SP1||WinCC flexible 2007 HF4|
|HMI devices||MP370 Touch||MP370 Touch|