+ All Categories
Home > Documents > Control System Studio Training - Authentication, Authorization

Control System Studio Training - Authentication, Authorization

Date post: 02-Jan-2016
Category:

Documents
Upload: latifah-hamilton
View: 55 times
Download: 1 times
Download Report this document
Share this document with a friend
Description:
Control System Studio Training - Authentication, Authorization. Kay Kasemir ORNL/SNS [email protected] Jan. 2013. Example: Alarm System. !. Only authorized users can change the configuration. . . Auth & Auth. Authentication : Confirm a user's identity Check password - PowerPoint PPT Presentation
8
Managed by UT-Battelle for the Department of Energy Kay Kasemir ORNL/SNS [email protected] Jan. 2013 Control System Studio Training - Authentication, Authorization
Transcript
Page 1: Control System Studio Training - Authentication, Authorization

Managed by UT-Battellefor the Department of Energy

Kay Kasemir

ORNL/SNS

[email protected]

Jan. 2013

Control System Studio Training

-Authentication,Authorization

Page 2: Control System Studio Training - Authentication, Authorization

2 Managed by UT-Battellefor the Department of Energy

Example: Alarm System

Only authorized users can change the configuration

!

Page 3: Control System Studio Training - Authentication, Authorization

3 Managed by UT-Battellefor the Department of Energy

Auth & Auth

Authentication: Confirm a user's identity– Check password

Authorization: Is user permitted to do something?– Requires authenticated user

– Some database: User “Fred” may configure alarm

Page 4: Control System Studio Training - Authentication, Authorization

4 Managed by UT-Battellefor the Department of Energy

Auth & Auth in CSS

API: org.csstudio.auth

Implementations:

Authentication– org.csstudio.platform.jaasAuthentication

Authorization– org.csstudio.platform.ldapAuthorization

– org.csstudio.sns.dummyAuthorization

– org.csstudio.sns.ldapAuthorization

Page 5: Control System Studio Training - Authentication, Authorization

5 Managed by UT-Battellefor the Department of Energy

Can’t we just ignore this?

No.If you don’t configure auth & auth,nobody can do anything

What follows is the simple “anybody can do anything” setup.

Page 6: Control System Studio Training - Authentication, Authorization

6 Managed by UT-Battellefor the Department of Energy

Dummy Authentication

Include plugins in CSS product: org.csstudio.platform.jaasAuthenticationorg.csstudio.platform.jaasAuthentication.ui

Configure like this in plugin_customization.ini of CSS product:# Select 'Dummy' JAAS Authenticationorg.csstudio.platform.jaasAuthentication/jaas_config_source=Fileorg.csstudio.platform.jaasAuthentication/jaas_config_file_entry=Dummy

Now any user and password will work– Except user name “fail”, which can be used for tests

Page 7: Control System Studio Training - Authentication, Authorization

7 Managed by UT-Battellefor the Department of Energy

Dummy Authorization

Include plugin in CSS product: org.csstudio.sns.dummyAuthorization

Now any user and password will work– Still needs to log on, though, but any user name and

password will be accepted

Page 8: Control System Studio Training - Authentication, Authorization

8 Managed by UT-Battellefor the Department of Energy

For Operational Setups

Authenticationorg.csstudio.platform.jaasAuthentication

–Kerberous, LDAP

Authorizationorg.csstudio.platform.ldapAuthorization

org.csstudio.sns.ldapAuthorization

–Similar, different LDAP schemata


Recommended
SharePoint Authentication and Authorization

SharePoint Authentication and Authorization

Technology

Authentication, Authorization, and Audit Design Pattern: Internal User Identity ... · Authentication, Authorization, and Audit Design Pattern: Internal User Identity Authentication

Authentication, Authorization, and Audit Design Pattern: Internal User Identity ... · Authentication, Authorization, and Audit Design Pattern: Internal User Identity Authentication

Documents

Introduction to centralized Authentication, Authorization ... · PDF fileIntroduction to centralized Authentication, Authorization and Accounting ... –RADIUS (RFC 2865) –The ...

Introduction to centralized Authentication, Authorization ... · PDF fileIntroduction to centralized Authentication, Authorization and Accounting ... –RADIUS (RFC 2865) –The ...

Documents

AAI - Authentication and Authorization Infrastructure ... · AAI - Authentication and Authorization Infrastructure Attribute Specification 11 April 2017 Version 1.6

AAI - Authentication and Authorization Infrastructure ... · AAI - Authentication and Authorization Infrastructure Attribute Specification 11 April 2017 Version 1.6

Documents

Kernel Authentication & Authorization for J2EE … AUTHENTICATION & AUTHORIZATION FOR J2EE (KAAJEE) ... JavaBean Example: ... x Kernel Authentication & Authorization for Java 2 Enterprise

Kernel Authentication & Authorization for J2EE … AUTHENTICATION & AUTHORIZATION FOR J2EE (KAAJEE) ... JavaBean Example: ... x Kernel Authentication & Authorization for Java 2 Enterprise

Documents

UAG Authentication and Authorization- part1

UAG Authentication and Authorization- part1

Documents

Forms Authentication, Authorization, User Accounts, and …download.microsoft.com/.../aspnet_tutorial02_FormsAuth_vb.pdf · Forms Authentication, Authorization, User Accounts, and

Forms Authentication, Authorization, User Accounts, and …download.microsoft.com/.../aspnet_tutorial02_FormsAuth_vb.pdf · Forms Authentication, Authorization, User Accounts, and

Documents

Authentication, Authorization, & Identity Management

Authentication, Authorization, & Identity Management

Documents

Authentication and Authorization in Condor

Authentication and Authorization in Condor

Documents

ESPC15 - Extending Authentication and Authorization

ESPC15 - Extending Authentication and Authorization

Software

Authentication - University of Southern Californiacsci530l/slides/lab-authentication-color.pdf · authentication != authorization – authorization establishes what user can do once

Authentication - University of Southern Californiacsci530l/slides/lab-authentication-color.pdf · authentication != authorization – authorization establishes what user can do once

Documents

Authentication and Authorization (including focussing on ...iamsect.ncl.ac.uk/dissemination/breaking-boundaries/Authentication … · Distributed authentication and authorization

Authentication and Authorization (including focussing on ...iamsect.ncl.ac.uk/dissemination/breaking-boundaries/Authentication … · Distributed authentication and authorization

Documents

Grid Security : Authentication and Authorization

Grid Security : Authentication and Authorization

Documents

Extending Authentication and Authorization

Extending Authentication and Authorization

Technology

Adaptive Authentication and Authorization · (MFA) for authentication and authorization requests. ... These authorization policy rules can be built around one or more resources. They

Adaptive Authentication and Authorization · (MFA) for authentication and authorization requests. ... These authorization policy rules can be built around one or more resources. They

Documents

Configuring Authentication, Authorization, and Impersonation … · 98-363 Web Development Fundamentals 5.1 Configuring Authentication, Authorization, and Impersonation ... When you

Configuring Authentication, Authorization, and Impersonation … · 98-363 Web Development Fundamentals 5.1 Configuring Authentication, Authorization, and Impersonation ... When you

Documents

Authentication and authorization

Authentication and authorization

Documents

Authentication, Authorization, and Accounting

Authentication, Authorization, and Accounting

Documents