The CODESYS OPC UA server supports the CODESYS user management. You set the access rights on the server from the ⮫ Access Rights tab on the controller. To do this, select the “RuntimeSystemObjects RemoteConnections OPCUAServer” object.
If anonymous access to the OPC UA Server is permitted despite an active user management, then you can configure the access rights for this access by granting corresponding permissions for the implicitly available group "Anonymous_OPCUAServer". The permission for anonymous access to the OPC UA Server is granted in the “Change Communication Policy” dialog. For a description of this dialog, see the help page for of ⮫ Tab: Communication Settings.
Access rights can be checked at both the service and objects levels. As a result, a user might not be able to write to a variable although this user is generally allowed to write to the OPC UA Server.
|
OPC UA Service |
Permissions |
|---|---|
|
AttributeRead |
“View” |
|
AttributeWrite |
“Modify” |
|
Call |
“Execute” |
|
CreateMonitoredItem |
“View” |
|
ModifyMonitoredItem |
“View” |
|
SetMonitoringMode |
“View” |
|
DeleteMonitoredItem |
“View” |
|
CloseSession |
“View” |
|
CreateSubscription |
“View” |
|
ModifySubscription |
“View” |
|
SetPublishingMode |
“View” |
|
DeleteSubscriptions |
“View” |
|
Publish |
“View” |
|
Republish |
“View” |
|
Browse |
“View” |
|
BrowseNext |
“View” |
|
TranslateBrowsePathsToNodeIds |
“View” |
|
RegisterNodes |
“View” |
|
UnregisterNodes |
“View” |
For more information, see: ⮫ Handling of Device User Management