MSI Integration Prerequisites
Before beginning the integration of MSI, it is necessary to check the configuration of certain components in the system. This section will cover these prerequisites.
The MSI interface of system:inmation is implemented via the Web API and uses the provided access control mechanism as follows:
In order to connect with the MSI interface, an access token is required, which is issued on a 'per user' basis. In this case, a 'user' does not refer to a specific person, but to a user account within the system. This system account sends and reads data from the MessageProcessor object created within the I/O Model.
Communication from MES-to-Shopfloor requires a write operation and for Shopfloor-to-MES, a read operation is needed. Therefore, the user needs write and read access on the Message Processor object. If the connected user doesn’t have sufficient user rights, the http request will return an error 401 with an additional error message.
The Web API is the system component that is used to transfer messages between the layers, so it is important to check that the Web API is both running and configured correctly. In DataStudio, go to the Server Model, select the Web API object and look at the Object Properties panel.
The Base Address port number (default 8002) should be noted as it may be needed later for firewall configuration.
For security reasons, the Enable Run Script property should not be enabled.
If the Web API is running and appropriately configured, it should display two green lights in the Server Model.
In the standard configuration, the Web API permits a connection using Basic Authentication with a Profile, using TLS-SRP for encryption. For a production environment, a dedicated Profile/User is recommended.
Also, for further information about using Profiles for authentication, see the Working with System Security JumpStart.
Prior to further configuration, a System ID and System Name for the MSI interface in PAS-X need to be defined. The System ID is used by PAS-X to route the messages received from the system internally.
The System Name is used within the Master Batch Record (MBR) to address the right system with the Interface BF.
The System Name is not used by the system and so, only the chosen System ID needs to be configured as a property in the
Message Broker I/O model object.
All MSI related objects of the I/O model must be located on a Core component, which the Web API must also communicate with. If the Web API is assigned to a different core, or the MSI objects are placed on a Connector component, then communication between the Web API and Message Broker is not possible.