This article describes how to add Restrictions to user accounts in the SNIP NTRIP Caster. Every NTRIP Client connection to the Caster (every user) requires a valid user account, (a name and password to connect with). And each of these accounts can be further restricted in various ways. Use this feature to achieve a fine level of control over what resources (Base Stations) each user is allowed to connect to. This article summarizes the various ways a user account can be restricted.
New Users
When a new user is created (or an existing user account is edited) a user dialog is presented (click to enlarge image). This article describes the basic process to add a new user. The Basic Settings tab is available in all models of SNIP and is used to create and edit User Accounts. The other tabs are all used to add restrictions to the way in which the user account can connect. Note: These are all advanced features and depend on the presence of an active “Enhanced User Management” Plug-In to be used.
Restrictions are cumulative. That is, a user may be blocked from connecting if ANY of the restrictions on that user account are found to be true. In the tabs of the dialog a checkbox icon (√) is displayed for any tab that has active restrictions set. An X is used when the restriction has triggered (such as a user whose allowed connection time has past). Similar visual indicators are used in the table dialog that displays all users.
Restrictions
Each user account can be restricted in a a number of ways. A article which describe in greater detail the use of each restriction type may be found in the links below.
Restrict by Connection Time
The feature is used to disable a user’s ability to connect past a predetermined date and time. Caster operators who sell access time to their customers can use this feature to control access to paying clients. Use this feature if you wish to grant another party short term access to the Caster or (on conjunction with other restrictions below) access to a specific Base station (or stations) for a predetermined period of time.
Its use is described further in this article.
Restrict by Base Stations the User can or cannot use
The feature is used to control the user’s ability to connect to a controlled list of Base Stations. When using this restriction, the user can have either a defined list of Base Stations they are allowed to connect to, or a list of stations they are not allowed (prevented) from connecting to. Use this feature to limit certain user accounts to certain Base Stations. The default state is that all valid user accounts can connect to all valid/active Base Stations.
Its use is described further in this article.
Restrict by User Agents (software) the User can or cannot use
The feature is used to control the user’s ability to connect only with a controlled list of NTRIP Clients (in other words the software they use to connect with). This feature uses the “Agent” string which all client devices provide when first connecting. When using this restriction, the user can have either a defined list of Agents they are allowed to connect with, or a list of Agents they are not allowed (prevented) from connecting with. The default state is that all valid Agents can connect to all valid/active Base Stations.
Its use is described further in this article.
Restrict by IP Addresses the User can or cannot use
The feature is used to control the user’s ability to connect from a controlled list of IP addresses. When using this restriction, the user can have either a defined list of IPs they are allowed to connect from, or a list of IPs they are not allowed (prevented) from connecting from. The default state is that all valid IPs (except those on the active IP ban list) can connect to all valid/active Base Stations.
Its use is described further in this article.
Restrict by MAC Addresses the User can or cannot use
The feature is used to control the user’s ability to connect from a controlled list of MAC addresses. When using this restriction, the user can have either a defined list of MACs they are allowed to connect from, or a list of MACs they are not allowed (prevented) to connect from. The default state is that all valid MAP addresses may connect to all valid/active Base Stations.
Its use is described further in this article.
Restrict by Hourly Usage (total use time)
The feature is used to control the total amount of time the User Account can be connected to the Caster. When using this restriction, the duration of each valid user connection is measured and accumulated. When a preset limit for that user is reached, the user may no longer connect to the Caster. Various email alerts are provided to inform both the account owner and the Caster operators when the time used is nearing its end point. The default state is to disabled this restriction.
Its use is described further in this article.
Restrict by Geo Fence the User must remain within
The feature is used to control the user’s ability to connect to a predefined region of use. When using this restriction, the user must report a NMEA-183 $GGA location that is within the prescribed region or they will be disconnected. The default state is that any reported NMEA-183 $GGA location may connect.
Its use is described further in this article.
General Controls for Allow & Prohibit lists
Several of the restrictions tabs use a common set of controls to create the lists of allowed and prohibited items they apply to a specific user account. These controls all work the same way, although the valid content differs with each tab (the below image is taken from the Base Station restrictions tab).
The Select All button checks all the items on the list (including any hidden ones which will also be shown). The list is increased to show all known valid values. This is a convenience button, to be used when more items will be checked than not checked. Logically speaking, there is no point in having a list with all possible choices enabled; it is better to disable the restriction itself (with the ‘activate’ button).
The Select None button performs the inverse of this, deselecting all items and showing them all (including hidden items). This is also a convenience button, to be used when more items will be UN-checked than checked.
The Add… button allows the operator to enter a valid value that is not yet present in the Caster. [For example, a Base Station name that is not part of the SNIP the Caster setup when this dialog was opened.]
The Restore button return the list to its last stable state.
A checkbox called Hide Those Not Selected (found at the bottom of the tab) is used to hide items which are not checked. This has value for clutter reduction on Casters with large Base Stations lists so that the operator can clearly see what has been selected.
Additional Restrictions by geographic area, and by data consumption levels/limits are also being developed.