Access control to the historian using local users


Hi guys.

We’ve used access control to the historian in our openPDCs:

and it has worked well with Windows users.

However, recently we tried to do the same but with “local” users, created in the openPDC database (“Authentication: Database” in the openPDC Manager - System - Configure Security), but it failed. The authentication in the URL to get data from the historian, like this:


does not work. Even if it is used like this:


and using the window authentication of the browser, it doesn’t work.

Any hint about that?



The web-services currently only support Windows authentication - however, adding parameters to the URL could be added to support database users. However, you would need an SSL style connection in order not to send password in clear text.


Ok, Ritchie. Thanks.



We’ve used a .NET client (WebClient) in a C# software (developed by us) to access data (historic and current) from an openPDC with access control enabled, with Windows users. We mount URLs with user and password (http://user:passwd@openpdc.ip:6152/historian/timeseriesdata/…/json) into the C# software, and parse the json that comes from the openPDC. It has worked well.

Now, we are trying to do something similar, but using php and “curl” (Linux). In this cenario, the requests don’t work. It seems there are some authentication issue; it seems the openPDC webservice can’t authenticate the connection comming from the curl.

We are using the configurations posted in the old openPDC forum (link above).

Any ideia if we can change something in the openPDC configuration, or any hint to use with curl, or other client?



My guess is that the user running the .NET software provided the “authentication” needed to access the web service and the user name and password passed into the URL was ignored.

In order to replicate authentication from a non-Windows environment, the HTTP implementation would need to negotiate the needed credentials.

I suggest something like the following: