The short answer to this question is that each project has a property called Required Roles that you set up in the designer. You can access the project properties window by clicking the Project menu item in the designer and then selecting the Properties option. The Required Roles option is located in the General section of the Project area. You can enter a comma separated list of role names that are required to access the project. If a user doesn't have the required role then they will not be able to sign into the project.
Ignition and Security
Ignition uses what's known as role based security. Logging in to the Gateway; logging in to a project; access to windows in a project; any type of security configuration relies on users and their associated roles. Users and all their associated roles are stored in user sources the you configure in the Ignition gateway. Take a look at the Security Overview section for a quick explanation of how security in Ignition works.
After finishing the initial installation of Ignition a default user source will be set up automatically for you to use. It is an internal profile that cannot be deleted but can be modified to include more users and roles.
The default user source
You can manage the default user source by navigating to the Configure > Security > Authentication section of the Gateway. The manage users link will allow you to add new users, modify roles and passwords for existing users, remove users, and add/remove roles from the user source. Choosing to edit a user will bring you to the following page allowing you to make any necessary changes to that user.
Types of user sources
| • | Internal user source - This is a simple to setup, internally managed user source. All information in this type of profile is stored in the internal database used by Ignition. These types of profiles can only be managed from the Ignition Gateway, so they are not ideal for situations where you wish to create an user source that is modifiable at project runtime. |
| • | Database user source - All roles, users, and passwords are stored in a database that you specify. Managing users is done via direct interaction with the database so this kind of profile is best suited for managing users and roles during your project at runtime. |
| • | Active Directory user source - Roles and users are managed by Active Directory. |
| • | AD/Internal user source - Users managed by Active Directory and roles stored internally. |
| • | AD/Database user source - Users managed by Active Directory and roles stored in an external database. |