Advanced

Security Provider - Shared Security Between Applications

Applications that are based on a common OEM layer can share a security database. This means that managers can configure one set of users, who will have the same sign-in name, password and privileges for all the applications that use the same security database.

 

You can enable shared security in the application layer at any time by selecting the OEM layer that is to provide security. You are advised to secure the OEM layer before selecting it as the security provider.

At least one security account must exist in the dependent application because only accounts with the Administrator privilege can access the Administrative Settings dialog. When an OEM layer is selected to act as the security provider, all accounts and other security settings in the current application will cease to function (but continue to exist), in favor of accounts and settings configured in the security provider layer.

 

To enable Shared security, log in to your application with an account that has the Administrator privilege and open the Administrative Settings dialog. In the following example image, the shared security section is highlighted.

Changing the security provider from the current
                  application (New Application 2) to the OEM layer (Bedford)

Shared Security is enabled as soon as you select the OEM layer to use as the security provider and click the OK button.

VTScada (not just the current application) must be re-started on all machines to complete the process. Restart VTScada immediately after configuring shared security.

Until you restart the VTScada and the application, the account you used to make this configuration change will still operate within the application.

 

After the application has re-started, all accounts and other security settings in the application will stop working, replaced by those in the selected security provider. You may still use the security dialogs within the application, but rather than working with the current application's security database, you will be working with the security provider's database.

To disable Shared Security, change the security provider back to the current application and re-start. Accounts and other security settings that previously existed within the application will resume.

Enable Windows Security Integration

Requires coordination with your IT department. Refer to notes in Windows Security Integration.

User Realm Delimiter

Must be defined before enabling Separate Realm Entry During Sign In. Refer to notes in Security Realms.

Enable Smart Card Authentication

Available only in combination with Windows Security Integration. Refer to notes in Smart Card Support

Enable Signed Out VIC Sessions

By default, signing out of a VIC session causes the connection to close, freeing the license. If selected, behavior on sign-out will be similar to a desktop session, where the application remains visible waiting for the next sign-in. The client license is not released until the connection is closed.

Enable OAuth2

Requires coordination with your IT department. Refer to notes in OAuth 2.0 Configuration