Single Sign On and Remote UI

RDB and Single Sign On

Requirements

  • Installed Oracle Client software with the version 10.2.0 or higher.

  • In public grants only one RDB schema is allowed. Otherwise the accesses on the single database objects are not well-defined anymore.

Activation of Single Sign On

  1. Activation of public grants:

    Execute a normal setup with public_grants = 'yes'. Alternatively, the script "RDB_AppUserPublic.sql“ can be executed for an already existing user.

  2. Create the operating system user:

     SQL> create user "OPS$[domaine]\[userName] " identified externally

    OPS$ is a prefix and it can be set using the Oracle parameter "os_authent_prefix". The prefix can also be left empty.

    Assign the role R_APP_PVSSRDB to the operating system user.

  3. Define the following config entries in the config file:

    [ValueArchiveRDB] DbUser = "" DbPass = "" Db = "MY_DB"

RDB access from a remote UI

In order to access the Oracle database from a remote UI (config entry queryRDBdirect = 1) proceed as follows:

  1. Install the Oracle client version as of 10.1.0.4

  2. Install WinCC OA (a full WinCC OA installation).

  3. Actualize the both DLLs LibAce**.dll und LibSQLApi**.dll to the new version in the /bin directory of the UI project.

  4. Define a tnsnames entry on the server in order to access the database: (you can test this using tnsping)

 <SERVER.<DOMAIN> =
 (DESCRIPTION =
 (ENABLE=BROKEN)
 (ADDRESS_LIST =
 (ADDRESS = (PROTOCOL = TCP)(HOST = <HOST>)(PORT = 1521))
 )
 (CONNECT_DATA =
 (SID = <SID>)
 (SERVER = DEDICATED)
 )
 )

Whereas <SERVER>, <DOMAIN>, <HOST> and <SID> has to be adapted according to the server.

  1. Define the following entries in the config file of the remote project:

 [general]
 useRDBArchive = 1
 useRDBGroups = 1
 [ValueArchiveRDB]
 DbUser = "<username>"
 DbPass = "<password>" # is not mandatory
 Db = "<dbname>"
 
 [ui]
 queryRDBdirect = 1
 CtrlDLL = "CtrlRDBArchive"
 CtrlDLL = "CtrlRDBCompr"
 
 [ctrl]
 queryRDBdirect = 1
 CtrlDLL = "CtrlRDBArchive"
CtrlDLL = "CtrlRDBCompr"

A control manager is also started by the UI. Thus, copy a CTRL manager from another installation type into your project. The CTRL manager WCCOActrl.exe has to exist in the Bin directory of the UI project.

For a remote UI, first, the DB parameters are read from the config file. All parameters that were not specified in the config file are taken from the values of the internal data point elements of the _RDBArchive type.