Templates for the Access Control Plug-in
Four different Access Control Plug-in templates are available for generating a WinCC OA Access Control Plug-in:
- Empty access control plug-in
- Access control plug-in implementing CNS example
- Access control plug-in implementing Common Config example
- Access control plug-in implementing General Config example
The names of these templates are determined. These are used to execute the script for generating a developer project (Windows) or makefile (Linux) with sources named accordingly. To build your own security plug-in, see the chapter Generating a User-Defined Plug-in. The "Generating a User-Defined Plug-in" chapter shows how to generate a user-defined plug-in.
The precompiled Access Control Plug-in executables are located in the wincc_oa_path\bin\windows-64 directory.
Empty Access Control Plug-in
This template provides an example structure of an Access Control Plug-in. The AccessControlPlugin template provides a developer with an implementation of the AccessControlPlugin plug-in interface with all available functions listed and filled with code which does not interfere normal operation. It can be used as a reference for the build tool chain or for reviewing the interface opportunities.
All functions in the template will grant permission to any operations possible meaning analysis operations on data points, queries and CNS structures, dpGet, dpSet. The Empty Access Control Plug-in gives an overview of the available interface that is described in the source in <API_ROOT>/include/Manager/SecurityPlugin.hxx.
Figure: SecurityPlugin.hxx
Demo Access Control Plug-in Template
The Demo AccessControlPlugin Template provides different configurations for controlling write, read and visibility of data points. These can be used for creating an own WinCC OA Access Control Plug-in.
All code shown in this document or in the templates is example code and not meant to be used directly in a production environment.
The configuration is provided by loading the demo panel wincc_oa_path/Panels/Examples/accessControlPluginConfigExample.pnl. Configuration of the plug-in is explained when activating the demo panel. Depending on the configured plug-in, the necessary data points and configurations are activated. In the demo panel the necessary information is described.
CNS Plug-in
The configuration used by the CNSPlug-in is saved in the CNS Data. Using CNS is flexible and does not use resources that could be needed elsewhere.
Common Config Plug-in
The configuration information is entered as a string in the common config of the demo data point. This access is direct and efficient but uses a resource that could also be needed elsewhere.
General Config Plug-in
The configuration info is entered by using the general config “int_01”. In the initialization phase the configuration data is collected and held up-to-date by using callback methods. During the execution the data point permission has to be searched in the collected configuration data.
