Authentication and Access Control
Authentication ensures that only authorized users can make changes that affect system behavior.
Web Server Authentication
- Configuration changes through the PCMM2G Web server are restricted to authenticated users with valid credentials.
- User credentials are protected through secure password handling mechanisms.
- Passwords are processed using salted cryptographic hashing prior to storage.
- Stored credential data is maintained in a non-readable, one-way transformed format.
- This prevents recovery of the original password value (even by Kollmorgen).
- See User Authentication.
Authenticated KAS-IDE Access to PCMM2G
Engineering operations initiated from KAS-IDE include:
- Project download.
- Project start and stop.
- Controller configuration modification require authentication using the existing PCMM2G Web server username and password.
- See Connect to the Controller.
By default:
- Authentication is required for KAS-IDE connections that perform protected actions.
- Unauthenticated users cannot overwrite or control the active controller configuration.
- An explicit configuration option is available to allow unauthenticated KAS-IDE access in controlled environments, with clear indication and warning of the reduced security posture.
- See Security tab.
- These mechanisms prevent unauthorized or accidental controller modification, even when users have network access or project files.





