Please ensure Javascript is enabled for purposes of website accessibility
Powered by Zoomin Software. For more details please contactZoomin

AVEVA™ Operations Management Interface

TABLE OF CONTENTS

InsightApp security requirements

Save PDF
Save selected topicSave selected topic and subtopicsSave all topics
Share
Share to emailCopy topic URL
  • Last UpdatedJul 18, 2024
  • 2 minute read

A logged in user must be an authorized Historian user to view a chart displayed by the InsightApp in a running ViewApp. InSightApp uses the SSO (Single Sign-On) feature.

Typically, users can connect to a Historian server from the InSightApp using an unencrypted (HTTP) connection. (Even without an encrypted connection, the user credentials exchanged during login are still encrypted.) You can also use an encrypted connection (HTTPS) for the REST API, and this requires configuring an X.509 certificate for TLS (transport layer security).

About TLS, HTTPS, and X.509 certificates

TLS allows for encrypted authentication credentials to be passed between a server and client. A certificate containing a private key is passed between the client and server to verify identification and allow access.

Using HTTPS ensures that communication between the client and server is encrypted, helping to prevent third parties from stealing or tampering with your data.

To configure the HTTPS connection to the Historian, you need an X.509 certificate. The certificate can be from a trusted authority or a self-signed certificate. During the installation and configuration of the Historian, you can import a certificate from a trusted authority if you have one, otherwise the configurator can create a self-signed certificate for you.

InSightApp supports OS Group or OS User based security. Galaxy authentication mode is not supported. Security is configured on the server-side (typically, at time of installation), and this configuration determines what happens when an InSightApp user connects using an unencrypted (HTTP) connection. There are two server-side connection options:

  • Favor trusted connections, but permit untrusted connections. See Favor trusted connections for more information.

  • Require trusted connections. For this option to work, the client must trust the certificate. See Require trusted connections for more information.

InSightApp runs in the context of the logged on ViewApp user. A message appears if security is not enabled or if an authorized Historian user is not logged on to the ViewApp. A message also appears if a secure connection was configured but is not available.

TitleResults for “How to create a CRG?”Also Available in