The User Password Levels are hierarchical meaning that each User at a certain Level can also execute the operations of levels that are lower than that level. Level 1 is the lowest User Level, while the Developer Level is the highest.
Movicon Help on Line - Rel. 11.7.1302
By means of using the User Management, each user is assigned a User Password Level for user authentication and an Access Level to determine which read and write rights they have in the various project controls.
The User Password Levels are needed for user authentication. When a user logs on, their Password level is activated to enable them to execute commands that have been protected by a password level that is the same or lower than theirs. The User Password Levels are:
User Level 0 (0) = no password level required
User Levels (1-1022) = password levels from 1 to 1022 are required. These password levels are assigned to normal project users.
Administrator User Level (1023) = password level for Administrator or System users. System operations, such as closing the project, can also be executed with this password level.
Developer User Level (1024) = password level for Developer users. The project can also be developed with this password level.
|
The User Password Levels are hierarchical meaning that each User at a certain Level can also execute the operations of levels that are lower than that level. Level 1 is the lowest User Level, while the Developer Level is the highest. |
This property can be set in various points and in various components of a Movicon project. For example, this setting in the "Users General Properties" permits each user to be associated with a Password Level.
Where the project's controls and resources are concerned, the 'User Level' property is used to define which User Password Level is necessary for executing the command list associated to that control. For further information, please refer to the 'User Levels' property of the component or resource concerned:
Object "User Level" property (paragraph: "Access Levels Properties common to Drawings and Controls")
Menu "User Level" property (paragraph: "Item Menu General Properties")
Shortcut "User Level" property (paragraph: "Shortcut Command General Properties")
When log on has been executed correctly by verifying the Users authentication, it is possible to set a limit to number of User interventions on various project controls or components by using the 'Access Levels'.
There are 16 distinct levels, from 'Access Level 1' to 'Access Level 16'. Each Access Level is independent from the others and can be activated by using its corresponding Check-Box. For example, when the 'Access Level 5' is enabled in a Button control, this will allow only those Users who have 'Access Level 5' checked in their 'Access Level' Masks to access this Button. The Access Mask must therefore be configured for different Users according to the Access Mask configured for the project's controls or components in order to allow users to access them in read/write.
|
The Access Levels are not managed hierarchically, therefore the high levels (i.e. Level 16) do not acquire the access rights of lower Levels (i.e. Level 1). |
You must keep in mind that the User Password Levels have priority over the 'Access Levels', which means that the users must first logon and have their Password Level verified for authentication before the Access Levels assigned to the user are verified.
The figure illustrates an example of user access control at Log On.
Based on the access level and area required to execute the command, the users 1 & 2 are permitted or denied not access based on their privileges.
This property, which is found in various controls and components of Movicon projects, defines which is the control's Write Access Level. If the User has been authenticated but their Access Level does not correspond with that of the control's, the user will not be able to write in that control.
Please also consider that the write access of a control or component in the project assumes different meanings according to the control or component type. For further information, please refer to the 'Write Access Level' property of the component concerned:
Variable "Write Access Level" property (paragraph: "Variable Access Level Properties")
Alarm Threshold "Write Access Level" property (paragraph: "Alarm Threshold General Properties")
Scheduler "Write Access Level" property (paragraph: "Scheduler Access Level Properties")
This property, which is found in various Movicon project controls and components, defines which is the control's Read Access Level. If the User has been authenticated but their Access Level does not correspond with that of the control's, the user will not be able to read that control.
Please also consider that the write access of a control or component in the project assumes different meanings according to the control or component type. For further information, please refer to the 'Read Access Level' property of the component concerned:
Variable "Read Access Level" property (paragraph: "Variable Access Level Properties")
Alarm Threshold "Read Access Level" property (paragraph: "Alarm Threshold General Properties")
Scheduler "Read Access Level" property (paragraph: "Scheduler Access Level Properties")
This property is only available for the "Scheduler" object and Real Time DB variable resources. This property allows you to keep these resources always available in the project's "Scheduler Window" selection list. When enabling this property, the scheduler or variable will be made available and selectable in the "Scheduler Window" independently from the Access Level of the user logged on. For further information, please refer to the desired component's "Read Access Level" property:
Variable "Always Visible" property (paragraph: "Variable Access Level Properties")
Scheduler "Always Visible" property (paragraph: "Scheduler Access Level Properties")
Invalid Login
Movicon has a mechanism to discourage multiple failed login attempts. This mechanism can be implemented by setting a number of failed Login attempts in the "MaxLoginFailed" (default 3) registry key. This will make the Login window take long to reappear after each attempt to deter malicious users from logging in. Once the set limit has been reached, a "Maximum limit of attempts has been reached" message will appear in the System Log causing a further delay for subsequent login attempts.
In addition, the key also has effect on failed logins for 'Single/Double Ei. Sign. for Commands' types.
