SetSecurity (Set Security)
The SetSecurity instruction is used to implement up to three levels of security in the datalogger.
Syntax
SetSecurity ( Security1, Security2, Security3 )
Example
In the following datalogger program, three levels of security have been set in the datalogger.
'CR1000X Series Datalogger
Public BattVolt, RefTemp, TCTemp, ChangeVar
SetSecurity (1111,2222,3333)
DataTable (TempTbl,1,-1)
DataInterval (0,1,Min,10)
Sample (1,BattVolt,FP2)
Sample (1,RefTemp,FP2)
Sample (1,TCTemp,FP2)
EndTable
BeginProg
Scan (1,Sec,3,0)
Battery (BattVolt)
TCDiff (TCTemp,1,mv200C,1,TypeT,RefTemp,True,0,15000,1.0,0)
CallTable TempTbl
NextScan
EndProg
In the following datalogger program, three levels of security are set during program run-time using the SetSetting instruction and variables for the three security levels.
'Example 2
Public RefTemp, Batt_volt
Public SecLev1,SecLev2,SecLev3
BeginProg
SecLev1=111
SecLev2=222
SecLev3=333
Scan (1,Sec,0,0)
SetSetting ("Security(1)",SecLev1)
SetSetting ("Security(2)",SecLev2)
SetSetting ("Security(3)",SecLev3)
Battery (Batt_volt)
NextScan
EndProg
Remarks
The SetSecurity instruction is executed at compile time. Up to three levels of security can be set in the datalogger. Level 1 must be set before Level 2 can be set, and Level 2 must be set before Level 3 can be set. If a level is set to 0, any level greater than it will also be set to 0 (for example, if Level 2 is 0, Level 3 is 0). Valid security codes are 1 through 65535 (0 is no security). Each level must have a unique code.
Use the SetSetting instruction to set security during run-time by using a variable for the security code, which can then be edited by the user.
Software access functions affected by each level of security are:
- Security1: When this level is set, collecting data, setting the clock, and setting variables in the Public table are unrestricted, requiring no security code. If the user enters the Security1 code, the datalogger program can be changed or retrieved and fields can be edited in the ConstTable. Also, writable variables can be set in the Status, Settings, or DataTableInfo tables.
- Security2: When this level is set, data collection is unrestricted, requiring no security code. If the user enters the Security2 code, the datalogger clock can be changed, writable DataTable Sample fields can be edited, and variables in the public table can be changed. If the user enters the Security1 code, the datalogger program can be changed or retrieved and writable variables can be set in the Status, Settings, or DataTableInfo tables.
- Security3: When this level is set, all communication with the datalogger is prohibited if no security code is entered. If the user enters the Security3 code, data can be collected from the datalogger. If the user enters the Security2 code, data can be collected, public variables can be set, and the clock can be set. If the user enters the Security 1 code, all functions are unrestricted.
Security and the Keyboard Display
Using the keyboard display with security set behaves similarly to accessing the datalogger with communication software such as LoggerNet or PC400.
If security is set in the datalogger and you try to access a function that is blocked by security, you will be prompted to unlock security. Security settings are accessible via the Settings table. If security is set, the codes will be displayed as -1 when viewed, unless the highest level security code has been entered.
If all three levels of security are set, each level of security code unlocks the following:
- Security(3) (lowest level) unlocks the data display, custom display, and status display.
- Security(2) unlocks the functions protected by Security(3), plus editing public table variables.
- Security(1) (highest level) unlocks the previous two levels of security, plus file access, changing settings and editing writable fields in the Status table (e.g., StationName).
Security and HTTP/FTP Capability
Refer to the WebPageBegin/WebPageEnd instructions for information on the Security command to unlock datalogger security when viewing and accessing web pages generated by the datalogger.
Refer to WebServer/API Commands for information on enabling Basic Access Authentication for the datalogger’s web server.
Note that if the default .csipassword "anonymous" and read-only access is enabled, then read-only access to the datalogger's web page will be provided even if all three levels of numeric SetSecurity are enabled.
Files that can run as a program (*.cr1x files) are inaccessible via FTP File Transfer Protocol. A TCP/IP application protocol. when security is active. They will not show up in directory listings and they cannot be opened for reading, writing, or deleting unless the user name supplied by the client has "Admin" appended to the datalogger's FTP user name and the highest level of security appended to the datalogger's FTP password. For example, if security level 1 = 111, the ftp user name = MyUserName, and the ftp password = MyPassword, enter
ftp://MyUserNameAdmin:MyPassword111@192.168.1.23/CPU to allow the ftp client to log in with full access to program files.