Lookout Web Client security

I have seen the topic about security issues with LabVIEW. So how secure is the web client in Lookout? I am not displaying the toolbar in the web client app; is it possible for someone to gain a high enough security level to start changing parameters or anything else?
Message 1 of 7
As in a common Lookout process, running a web client process requires logging in as a user. It depends on the user's privileges what kind of actions he'll be able to do, for example, change a pot's value, etc.
If you aren't displaying the toolbar, users won't be able to log off and log on. No other restriction is applied.
If the clients are in your LAN, check how to set up the domain users list.
There's a lot of information on security in chapter 10 of Lookout Developer's Manual.
Message 2 of 7
OK, so since I am not displaying the toolbar, a client cannot change their default login? So what is the default security level for someone logging into a web client? I am assuming 1.
Message 3 of 7
Carl,
Unfortunately, the Lookout Player's default user is Administrator. Thus, you cannot restrict access unless you have the same lookout.sec file on the client machine, which is possible only if you know, and have access to, which machines will connect to your Lookout server.

You could set up a mixed security policy. For example, if your clients will always be in your LAN, you can copy the lookout.sec file (provided that Lookout's default autologon as Administrator is not set) to every client machine and restrict access to your process, through the IP setting, to those machines only.
Jose.
Message 4 of 7
Unfortunately? How on earth could you possibly post anything to the internet and allow whoever to come in as an administrator? I know it is this way on LAN connections (Lookout Client), and I have taken care of that. Local security is unique to each machine. But I am talking about WEB clients. I am getting ready to display my application on the internet, I have all writable objects with a security level of 2. If anyone coming in on the internet can come in as an administrator, they could completely shut down the city's water treatment plant. Please tell me that we've had a miscommunication and this is not the case.
Message 5 of 7
Carl,

There's a way to force the remote client to download the lookout.ini file, and hence the default login setting for Lookout Player. I don't know if it works in Lookout 5 (it seems to work in Lookout 4.5). Look at http://zone.ni.com/devzone/conceptd.nsf/2d17d611efb58b22862567a9006ffe76/1c39c87fd53373eb86256a400056cfdb?OpenDocument

Anyway, I can think of three ways to overcome this issue.

First, web server security. Restrict access to the HTML through web server authentication.

Second, make two types of clients (at two different URLs): one for your LAN, the other for the WAN with no action allowed (i.e. shutting down your water plant).

Third, use password protected buttons. See http://sine.ni.com/apps/we/niepd_web_display.DISPLAY_EPD4?p_guid=B45EACE3E7E356A4E034080020E74861&p_node=DZ52192&p_submitted=N&p_rank=&p_answer=&p_source=External

Also, look at http://sine.ni.com/apps/we/niepd_web_display.DISPLAY_EPD4?p_guid=B45EACE3E56156A4E034080020E74861&p_node=DZ52192&p_submitted=N&p_rank=&p_answer=&p_source=External

Hope this helps

Jose
Message 6 of 7
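One way to implement the first option above (web server authentication in front of the Lookout HTML), combined with the per-machine IP restriction mentioned earlier in the thread, as an added example that is not from the original posts or from NI: an Apache httpd 2.4 configuration fragment. The thread does not identify which web server serves the Lookout web client pages, so this assumes they are served by Apache under the path /lookout; the LAN range 192.0.2.0/24, the password file /etc/httpd/lookout.htpasswd and the /lookout-public path are placeholders.

```apache
# Added example (not from the thread or NI): Apache httpd 2.4 fragment that
# places authentication and an IP allow-list in front of the Lookout web
# client pages. Path, network range and file names are placeholders.

# Constructed user database; create it once with:
#   htpasswd -c /etc/httpd/lookout.htpasswd operator
<Location "/lookout">
    AuthType Basic
    AuthName "Lookout Web Client"
    AuthUserFile "/etc/httpd/lookout.htpasswd"

    # Both conditions must hold: the request comes from the plant LAN
    # AND the browser has authenticated as a known user. A public
    # visitor never reaches the pages that carry writable controls.
    <RequireAll>
        Require ip 192.0.2.0/24
        Require valid-user
    </RequireAll>
</Location>

# The second option from the thread, a separate URL for the WAN: a
# view-only copy of the pages that anyone may read. Nothing published
# under this path should contain a control that changes a parameter.
<Location "/lookout-public">
    Require all granted
</Location>
```

Basic authentication only encodes the password, it does not encrypt it, so the /lookout location should be reachable over HTTPS only; the IP allow-list is the second line of defence if a password leaks. Note that this protects the HTML the browser downloads, not the Lookout process itself, so it complements rather than replaces the lookout.sec and lookout.ini settings discussed above.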
I hope the .ini works. Once my firewall is reconfigured, I will try it. The other options aren't very good at all. The first idea, to limit accessibility: the whole point of serving to the internet is to make it visible to anyone. The second idea, of another app, is TWICE the work of the project. I do not have an unlimited supply of time and money for this. The third idea, of password protecting: then the in-plant controls would be the same and it would take forever to make adjustments to a process. I know this is not your fault, but I sincerely hope NI is hot on the trail of a solution. This is absolutely terrible. The manual (and any Lookout salesman) make it sound like you develop your normal process, make a few additional clicks of the mouse and you're online. To actually allow someone to come in as an administrator is horrible. Is anyone actually using this for anything important? I'm sure they are and would like to know how they are handling this issue. Do they realize it's an issue? Once again, I know this isn't your fault so please don't take my venting personally.
Message 7 of 7