Defining General Settings

General Settings provides access to the security settings that control how GENESIS maintains accounts in its database.

To define General Settings:

Open Workbench and in the Project Explorer, expand the Security node and double-click Global Settings. View image

From the Security / Global Settings pane, the General tab displays the default General Settings.

The following options can be changed by the administrator when necessary.

Section	Option and Description
	Security Active: Inactive—Indicates that the security is deactivated, and permissions are always granted. Testing—Always use the Testing option because this allows you to tweak the security settings while minimizing the risks of getting locked out. All permissions are granted when no user is logged into the system. When a user is logged in, their configured permissions apply. Active—Indicates that the security is active for all users and groups.
	Login-related Options: Provide list of existing users in the login dialog—Indicates that all users' names appear in the User Name Security Login dialog. This option is often desirable for touch-screen systems. Show currently logged in user in login dialog—Displays the most recent and current user that successfully logged into the system via the Security Login dialog. Provide detailed login error code—Select this checkbox to notify the user when a login error occurs. A log-in error condition displays specific error messages: Invalid username Wrong password User account locked (security is set to Database Security.) We recommend keeping the login error code checkbox unselected (unchecked), as exposing specific error messages is considered a security weakness of CWE-200 (common weakness enumeration). Allow simultaneous login—Allows multiple users to be logged in on the same computer at the same time. Only the permissions of the most recent user apply. When off, logging in with a user automatically logs out the previous user(s). Check file security in configuration mode— If selected, GraphWorX™ also checks file security in the configuration mode. If not selected, GraphWorX only checks the security in the runtime mode. Check browse security— If selected, the point security also applies when browsing for data using the Data Browser. For this purpose, Security checks the Browse column on the Points tab of Users and Gorups. If not selected, the Security only checks read and write access to points. This checkbox is always enabled to ensure that web access is secure.
	Time Window and Security Mode: Time window for interacting with critical objects—the amount of time (in seconds) after a login when the user is allowed to manipulate a critical point before being required to log in again. Security mode—allows you to select one of the options. Other than the Database option, selection of the Active Directory or Azure Active Directory displays additional settings.

Section

Option and Description

Security Active:

Inactive—Indicates that the security is deactivated, and permissions are always granted.
Testing—Always use the Testing option because this allows you to tweak the security settings while minimizing the risks of getting locked out. All permissions are granted when no user is logged into the system. When a user is logged in, their configured permissions apply.
Active—Indicates that the security is active for all users and groups.

Provide list of existing users in the login dialog—Indicates that all users' names appear in the User Name Security Login dialog. This option is often desirable for touch-screen systems.
Show currently logged in user in login dialog—Displays the most recent and current user that successfully logged into the system via the Security Login dialog.
Provide detailed login error code—Select this checkbox to notify the user when a login error occurs. A log-in error condition displays specific error messages:
- Invalid username
- Wrong password
- User account locked (security is set to Database Security.)
We recommend keeping the login error code checkbox unselected (unchecked), as exposing specific error messages is considered a security weakness of CWE-200 (common weakness enumeration).
Allow simultaneous login—Allows multiple users to be logged in on the same computer at the same time. Only the permissions of the most recent user apply. When off, logging in with a user automatically logs out the previous user(s).
Check file security in configuration mode— If selected, GraphWorX™ also checks file security in the configuration mode. If not selected, GraphWorX only checks the security in the runtime mode.
Check browse security— If selected, the point security also applies when browsing for data using the Data Browser. For this purpose, Security checks the Browse column on the Points tab of Users and Gorups. If not selected, the Security only checks read and write access to points. This checkbox is always enabled to ensure that web access is secure.

Time Window and Security Mode:

Time window for interacting with critical objects—the amount of time (in seconds) after a login when the user is allowed to manipulate a critical point before being required to log in again.
Security mode—allows you to select one of the options. Other than the Database option, selection of the Active Directory or Azure Active Directory displays additional settings.

Click Apply whenever you change or update the settings.