During the recent development of a new project in WinCC OA (Open Architecture) 3.17, Siemens’ highest level platform for visualization, AWC’s application engineering team got some hands-on experience with some newly integrated security features, including Server Side Authentication (SSA) for the various user interfaces (UIs) and managers. Below are some steps on how to successfully configure SSA and proceed with the rest of the WinCC OA project development.
- Starting with SSA on in the very beginning will prevent access to the WinCC OA graphics editor (GEDI). To remedy the situation, begin by commenting out accessControlPlugin in the config file.
- Remove – ssa from the UI Manager.
- Open GEDI and navigate to the System Manager -> Settings -> Device Management
- Once the Device Manager is open, temporarily enable “Automatic Unlock”. This will allow authorization to connect with GEDI when SSA is turned on.
- SSA does not allow the root user access to UIs; otherwise, SSA will error out and say that the user is forbidden. Create another user with root access.
- Once the new user is created, return to the config file and uncomment accessControlPlugin and add the -SSA option back into the UI Manager.
- Restart the project to allow the changed settings to take effect and log in to GEDI with the new user.
Additional Contributions
- Julyann Tu – AWC, Inc.