Skip to main content
InSource Solutions

TN IT195 InTouch Security - Differences between the security types

  1. Last updated
  2. Save as PDF

InSource_Logo_Transparent.png

 

Description

InTouch allows for 4 different security models, None, InTouch, ArchestrA, OS.  This document will explain the differences.

 

  • Author: Dillon Perera
  • Published: 12/29/2015
  • Applies to: InTouch 9.5 and up

 

 

Details

InTouch has 4 different security models, with the main difference being where the usernames and passwords for users have been defined.  Note that InTouch Security is only used for limiting access in WindowViewer (Runtime), and will not prevent users from accessing WindowMaker (Development).

 

InTouchSecurity_SecurityTypes.png

 

None - This is the default security model, and doesn't use a built in username/password management system.  With this, unless the designer has written scripts to hardcode usernames and passwords, typically users will have full access to the entire application.

 

InTouch - With this security model users are configured from WindowMaker and are stored in a proprietary file within your application called password.bin.  Once users are created, they will be assigned an AccessLevel which will range from 0-9999.  

 

ArchestrA - With this security model users are configured from the ArchestrA IDE (Application Server) software, and therefore depend on the InTouch application to be run as part of an Application Server Galaxy.  Once users are created from the ArchestrA IDE, they will be assigned an AccessLevel which will range from 0-9999.  

 

OS - With this security model users are configured through the OS (Windows).  The main benefit of this approach is that if your users already have to logins for Windows, it allows us to only maintain their usernames and passwords in one place.  Because Windows users do not have a built in AccessLevel field, you will need to use scripting to map an AccessLevel to each user's group.  This is done with the AddPermission() function to assign each group an AccessLevel from 0-9999.  This AddPermission function should be run in a Startup script.


Syntax: AddPermission( "Domain", "Group", AccessLevel); 

 

Example: AddPermission("MyInTouchPC", "Operators", 5000)

 

General:

Once users are created, and AccessLevels have been assigned, you will use Animation Links to limit the users access through the Visibility and Disable animations by using $AccessLevel and $Operator.

Example: You may have a disable animation with the expression "$AccessLevel<5000" to prevent users with AccessLevels lower than 5000 from being able to click the button.