If different clients should have access to different data areas of the controller, then multiple groups of symbols are necessary.
In CODESYS controllers, access to the respective symbol set is assigned to the controller by means of user management.
As a result, the client has to supply the user and password, which should certainly be encrypted by today's standards.

From these requirements, encrypted communication with the controller is necessary.
Especially with large amounts of data, encryption can lead to a higher load on the controller and, for example, prolong the startup behavior of the OPC UA server.
Also note that not every client supports encrypted communication, for example an OPCDA-Client => mixed operation is not possible.

  • Create a project with encrypted communication for 3 variables and test the communication, for example with the "UaExpert" OPCUA client.

    Step-by-step instructions are found in the help:




Creating user management for the controller

If user management is already activated on the controller, then you can skip this step.

  • In the configuration area of the controller, open the Users and Groups tab.
    Click the Refresh button.



    This is followed by a dialog that you confirm by clicking Yes.
    Then a login dialog opens for you to login on the controller as the default user Administrator (password: Administrator).
    As this is the first time you have used user management, you will then be prompted to enter a new password.



  • Create a new user group (example: "grOPCUA") by clicking the Add button.



  • Use this button to create a new user (example: "usrOPCUA") in this area.
    In the configuration dialog, assign the created group "grOPCUA" to the user:





    There is no special function for deactivating an activated user management.
    If it is necessary to delete the user management, then the device must be reset to its original state:


Creating a new configuration

  • In the Symbol Configuration, select the option Settings\Enable Symbol Sets:



    This makes the existing configuration the default set.

  • Add a new group by clicking the Add a new symbol set button.



  • In the dialog, type in a meaningful name for the group:



  • Assign a variable to the group:



  • Download the project to the controller.

Assigning from the symbol set to the user group

  • Open the Symbol Rights tab in the controller and update the contents by clicking the Refresh button.
    The available symbol sets should now be listed:



    Now you can select the symbol set in the list on the left and assign it by double-clicking the user group:





Testing with the OPC UA client

In the OPC UA client, change the connection option to use a user:

If you login as user usrOPCUA, ten you only get the variables that have been assigned to the symbol set symOPCUA.