Setting up user authentication
Access to a station database requires user authentication, which is managed by the station’s AuthenticationService. As with physical access, programmatic access requires authentication using the HTTPBasicScheme (HTTP Basic Authentication
Scheme). Consider using a separate user for each type of access (physical access, programmatic access, etc.). This practice
provides additional security as each user requires only the minimum number of access rights necessary to accomplish a specific
task. Using roles and tagged categories allows for highly-configurable permissions for accessing various station components.
Prerequisites: You have administrative rights. The station is open in Workbench.
Perform the following steps:
- Open the
bajapalette.
- Add the HTTPBasicScheme under the node in the nav tree.
- Create a role to assign to users based on the type of access.For example, users who are permitted to create and view web charts may be assigned the “NA_charts” role. Permissions for this role might allow a user to read from the database but not invoke actions or write records to it.
Users who are permitted to query the station database with API calls may be assigned a “NA_API” role. Permissions for this role might allow a user to read from the database and invoke actions, but not write records to it.
- Expand in the nav tree and double-click the user name you intend to use to access the station database.The Edit User window opens.
- Select
HTTPBasicSchemefrom theAuthentication Scheme Namedrop-down list, assign the role you created, and click OK.