Logging In To a Laboratory

Forms See also

.NET V3 forms:

V2 forms:

Logging Out Of a Laboratory

Using the Screen Interface

Using the V3 menu

Using the CCLAS 2 Menu

Managing the Database Connection and Security

Changing Your Password

Maintaining Staff Accounts

Managing CCLAS Licences

Overview

CCLAS EL login is trigged by launching a CCLAS EL application, either via the V3 Menu, V2 Menu, or directly from the command line.

Database Connection and Security Check

For CCLAS EL applications to run on a client computer, a connection to the CCLAS EL database must be established and secured.

The Pool Control and Security Manager manages the database connection and security. These processes are managed by the CPOOL01.exe and CCSECM01.exe applications, respectively, and reside either on the client computer or on a remote server. Refer to Managing the Database Connection and Security.

Where these processes are not yet running on your computer, you are prompted to log in with a username, laboratory and password.

Terms and Conditions

At this point, the user also view the terms and conditions of running the CCLAS EL application, or choose to change to a different CCLAS EL database, which then automatically updates the CCLAS EL configuration file (CCLAS.INI for V2 and appsettings.json for V3 applications).

Active Staff Accounts

A user can only log in where they have an active staff account for the intended laboratory.

Note: When you are using CCLAS EL for the first time, then only the CCLASMGR staff account and GLOBAL laboratory exist on your system. These are created when CCLAS EL is installed. No password is set at this stage. The username and password is CCLASMGR, CCLASMGR. The CCLASMGR staff account is used to log in for the first time. After this, to maintain security, ensure that the password is changed. The CCLASMGR staff account has an access level of 3 for all CCLAS EL database tables, which means that this staff member has the ability to view, create and delete staff members from the STAFF table. The CCLASMGR staff account cannot be deleted.

Licence Limitations

CCLAS EL licensing is based upon the number of non-concurrent and the number of concurrent workstations in use. Refer to Managing CCLAS EL Licences.

The number of non-concurrent workstations are those that have an entry in the LICENCE table with the licence slot set to Not in use.

The number of concurrent workstations are those that have an entry in the LICENCE table with the licence slot set to In use.

Licence slots are only available if the number of non-concurrent workstations, less the number of concurrent workstations, is greater than zero.

If no licence slots are available, then a user is unable to log in until one of the concurrent users whose licence slot is In use becomes non-concurrent by dropping their licence slot and having their slot set to Not in use.

Licence Log File

A LicenceLog_mmddyyyy.txt log file is created in the Bin folder. The licence check information is written to the file upon a user logging in to a laboratory, This log file can be provided to CCLAS support when there is a requirement to investigate CCLAS EL licencing issues. These log files are created daily so that they can be kept to a minimal size and deleted, as required.

Licence Expiry Warning

The clsSecurity class establishes a warningDay range for licence expiry, such that, when logging in to a laboratory, launching any CCLAS EL application or accessing the Help » About dialog from any CCLAS EL application, then the CheckLicenceExpiryDate method is run, and if the CCLAS EL licence is about to expire, then displays a licence expiry warning dialog that the user cannot close for at least one minute, the duration of which is indicated by a progress bar.

Menus

The configuration of CCLAS EL at your site includes the tailoring of menus to access only those applications you need to perform your work. Menus are a nice tool that assist you getting around CCLAS EL. However, if you are a super user, you may wish to launch CCLAS EL applications directly from the command line.

Refer to Using the V3 Menu and Using the V2 Menu.

Process

Logging In

V3 login:

  1. Launch a V3 application.

  2. Where no CCLAS EL applications are running, and both the Pool Control and Security Manager are not established as yet, regardless of how a CCLAS EL application is launched, then the cclasellogon > CCLAS EL login Form displays.

    Server connection shows the current preferred connection as set in the appsettings.json file.

  3. Enter your Username.

  4. If the staff code exists in for more than one laboratory code, then select the Labcode. If the staff code only exists in one laboratory, then proceed to log in to that laboratory.

  5. If the staff account is configured to use a password, then enter the Password.

  6. Click Login to proceed with the login. An error message is displayed where the entered credentials are invalid.

V3 viewing the legal disclaimer:

  1. Click Legal Disclaimer to view the legal conditions of running the CCLAS EL application.

Refer to Changing the Database Connection from a CCLAS EL application after login.

V3 login via the V3 Menu, after a logout:

  1. Click to display the user name, laboratory code and server.

  2. Select Login to display the cclasellogon > CCLAS EL login Form.

  3. Enter your Username.

  4. If the staff code exists in for more than one laboratory code, then select the Labcode. If the staff code only exists in one laboratory, then proceed to log in to that laboratory.

  5. If the staff account is configured to use a password, then enter the Password.

  6. Click Login to proceed with the login. An error message is displayed where the entered credentials are invalid.

V2 login:

  1. Launch a V2 application to display the GENERIC—Login Form.

    Refer to Using the V2 Menu and Launching Applications without using the Menu.

  2. Enter your Username.

    The Username is managed as follows:

    • The UseWindowsUsername GLOBAL setting controls whether the staff member's Windows username is expected as the user name (0=The user name is read-write; 1=The field is read-write and defaults to the Windows username; 3=The field is read-only and defaults to the Windows username).
      The UseWindowsPassword GLOBAL setting controls whether the staff member's Windows password is expected as the password (checked=The Windows password is expected).

  3. If the staff code exists in for more than one laboratory code, then enter the Labcode. If the staff code only exists in one laboratory, then that laboratory code is selected automatically.

    The selected Lab Code impacts queries from the CCLAS EL applications to the CCLAS EL database by only returning records relating to the login laboratory and the global laboratory.

  4. If the staff account is configured to use a password, then enter the Password.

    When entering the Password, the LoginPasswordTries GLOBAL setting defines the number of times an incorrect password can be entered before the staff account is disabled. Contact your local system administrator if this occurs.

  5. Click OK to proceed with the login, or click Cancel to not proceed. An error message is displayed where the entered credentials are invalid.

Re-establishing the Database Connection and Security

Where CCLAS EL applications are running already, but both the Pool Control and Security Manager are not established as yet, then you can re-establish the database connection and security.

Via the V3 Menu:

  1. Log in again

Via the V2 Menu:

  1. Right-click and select the Login option.

If a CCLAS EL application is running:

  1. Select the File » Close main menu option to close the application.
  2. Select the File » Login main menu option to login again.

What Happens Upon Login?

Upon user log in, the Pool Control and Security Manager are not established as yet.

Where the existing connection to the database is broken for any reason, then the DBReconnect CCLAS program setting defines the number of times a reconnection is attempted. The DBReconnectDelay CCLAS program setting defines the delay time between these attempts.

In the LICENCE table, the LastLogin date for the connection is updated to the current system date-time, and the In use setting for that licence slot becomes checked.

If the LoginOutEventLogFile GLOBAL setting contains a file name, then login and logout events are written to the file. If the file name is blank but the LoginOutNTEventLog GLOBALsetting is enabled, then login and logout events are written to the NT Event Log file on non Win 95/98 computers.

If the ShowTipOfTheDay GLOBAL setting is enabled, then a tip from the file defined by the TipOfTheDayFile GLOBAL setting displays. Further tips are accessed by selecting the Next Tip.

Then the V3 Menu, V2 Menu, or launched application displays.

Controlled Access to Applications

All CCLAS EL applications have controlled access depending upon the AccessLevel program setting for the related CCLAS EL application. For example, the AccessLevel CCLAS program setting controls the level of access you have to the CCLAS Menu application, and the AccessLevel CONFIG program setting controls the level of access you have to the Config application. The levels of access you have is dependent on your level of responsibility. As an example, a laboratory manager has the ability to validate data entry values, whilst a laboratory operator does not have that function.

Controlled Access to Resources

The level of access you have is dependent on your level of responsibility.

Every user has a list of security permissions, each of which comprise a role and laboratory. A user can have multiple roles per laboratory. A security permission can comprise a role for all laboratories. As an example, a laboratory manager has the ability to validate data entry values, whilst a laboratory operator does not have that function.

A role is a collection of rights to applications, methods and attributes. This is set up by the system administrator.

When you log into a laboratory, each role applicable to you for that laboratory is overlaid to set your initial security permission such that, you obtain the highest (most power) access rights and permissions from all roles that you have for the laboratory:

  • If any role gives full access to an application, then full access is granted to that application.
  • If any role gives read-write access to a class attribute, then read-write access is granted to that attribute.
  • If any role gives full access to a class method, then full access is granted to that method.
  • Some methods allow for split-level operational security:
    • If an object is an org-scope object then only a user with a security level of 'Org Only' or 'Lab and Org' or 'Full' can execute that method. If an object is a lab-scope object then only a security level of 'Lab Only', 'Lab and Org' or 'Full' can execute that method.
    • As access levels are hierarchy based, if the user has roles with both 'Lab Only' and 'Org Only', then the user account acts like they have access level 'Lab and Org'.
    • If any role gives access level 'Lab and Org' to a method, then effectively, an access level of 'Full' is granted to that method. The PREFERENCE and SCRIPT class methods are an exception to this rule as they have multiple levels that are different to Lab and Org.
    • The following objects have methods (for example, Create, SaveAs, Update, Read, Search, Delete) which are implemented with split-level operational security:
      • Biofields
      • Canned Comments and Canned Comment Groups
      • Category Types and Categories
      • Clients, Client Addresses, Contacts, Contact Addresses, Projects, Client Quotes
      • Container Types
      • Cost Centres
      • Devices
      • Hazards
      • Instrument Groups
      • Methods and Method Accreditations
      • Products, Product Hazards, Product Specifications
      • Product Specification Groups
      • QC Masks
      • QC Types
      • Range Tables
      • Rounding Tables
      • Sample Handlings
      • Schemes, Scheme Version and Scheme Version Analytes
      • Scheme Groups
      • Specifications
      • Standards, Standard Lots and Specifications
      • Units

    The following objects and methods (specific methods) are implemented with split-level operational security:

    • Biofield: Approve, Unapprove and ImportBiofields
    • PriceBook: UpdatePrices
    • Product: Activate, Approve, Unapprove, Promote, Suspend, ImportPRoducts
    • Scheme: Approve, Unapprove, ImportSchemes
    • Specification: Activate, Suspend, Promote
    • SpecificationSchemeVersionAnalyte: CreateFromAnalyte
    • Standard: Activate, Deactivate, Promote, Suspend, Approve, Unapprove