×
Siemens Industry Online Support
Siemens AG
Entry type: FAQ Entry ID: 32253468, Entry date: 11/20/2008
(0)
Rate

Why should you close opened faceplates for a change of user (log on/off)?

  • Entry
  • Associated product(s)

Description:
Users often configure faceplates such that the user currently logged on is stored. For example, the user name can be stored in the "Text" property of an object of the "Static Text" type. Depending on how a faceplate is configured, it might happen that the stored user rights are not updated when there is a change of user. Under certain circumstances this might mean that unauthorized switching actions are executed or on the other hand that switching actions cannot be executed due to lack of user rights.

Remedy:

  • Faceplates should be closed after a change of user and then reopened.
  • Do not store the user currently logged on. For each operator action, always run a new direct query of the user currently logged on.

Notes:

  • This behavior occurs, for example, with the Safety Matrix faceplate.
  • If you use the Basic Process Control option (e.g. when using PCS 7 or the OS Project Editor), faceplates are closed by default when there is a change of user. Detailed information on this behavior and on authorization checks is available in Entry ID 16626380.
  • In the case of Standard WinCC, you must manually configure faceplate administration (opening and closing of picture windows). Automatic closing of opened picture windows upon logging on/off can be implemented with a global script action, for example, which is run upon change of the "@CurrentUser" tag.

    The following figure shows the configuration of a C action that is run upon a change of user. Here, the picture defined in the action is reloaded as Start picture. If the static value of the "Display" property of possible picture windows has the value "False", then the picture windows are closed upon change of user.


    Bild 01

     
  • Alternatively, by script you can query the authorization levels configured in the WinCC User Administrator through appropriate ODK functions. Entry ID 27068495 shows how to use the ODK function "PWRTCheckPermission()" to query an authorization level in the script.

Security information
In order to protect technical infrastructures, systems, machines and networks against cyber threats, it is necessary to implement – and continuously maintain – a holistic, state-of-the-art IT security concept. Siemens’ products and solutions constitute one element of such a concept. For more information about cyber security, please visit
https://www.siemens.com/cybersecurity#Ouraspiration.