Working with Security

The Security Manager is a VTS service that controls access to itself and to other VTS services, pages, and objects by managing a list of user accounts. You can use it to set varying levels of security for a standard application.

User actions logged to the alarm history record by the Security Manager include logons, logoffs, and account changes.

Each user account consists of:

•    A username;

•    A unique password;

•    A set of security privileges (both system privileges and application privileges); and

•    [optional] An alternate ID (provided by magnetic swipe cards if available).

•    [optional] A group name.

When you create and configure a new application, no security options are enabled until you decide that you need them. Typically, VTS developers configure user accounts as one of the last steps in application development. VTS operates in this manner to keep the application development process expedient for developers. Once you have decided to set up security for the application, you can use the Security Manager to begin configuring user accounts for operators based on their roles and responsibilities.

VTS provides a series of dialogs that you can use to quickly set up the user accounts and privileges required by the operators for your applications.  A user account with Manager privileges can create and configure other user accounts.  An account with Administrative privileges can set overall configuration options such as the automatic logout time and the required password strength.

In order to begin using the Security Manager dialogs to set up user accounts, you must first logon to the application yourself using the default user account provided by VTS.  See: Manager1 Default User Account.

In addition to defining privileges on a user-by-user basis, VTS allows you to define workstations that are “read-only”.  Anyone accessing the application from the defined workstation will be able to view the application based on their user privileges, but will be denied all control functions regardless of their user-defined privileges.  See: Defining Read-Only Workstations.

Later sections discuss secured and unsecured states and the default user account in detail.

Information on all user accounts is maintained by VTS in a security-related data file named SecMgr.dat (see: Security-related Data Storage). All administrative settings related to security are kept in a user-customizable configuration file named SecurityManager.ini.