Securing individual Items or Bindings

Hi All,

I understand the possibility of securing openhab access by connection type. However, I am wondering if there is a way to secure an individual Item, Group or Selection such that it asks for a password or key prior to changing state.

An example: I have an open access configuration, IE no pass codes to bring up the sitemap and execute switches. One of the devices I have is a coffee machine on a binary switch. I would like to somehow secure that switch only within the sitemap. How could I add a password or key/pin type feature to the switch or interface in order to secure the coffee machine from unauthorized use.

thanks for your excellent help and guidance!

Unfortunately with OH 1.x security is all or nothing. You cannot secure just one or two items or groups.

I’m sure someone might be able to suggest some sort of setup with a proxy or an alternative UI that might help out, but stock out of the box OH 1.x won’t support this. I’ve no idea about OH 2 though.

I have similar ideas where I want my houseguest to only access some items.

is it possible to use different Sitemaps for different users ?

so in pckinzley example - he would be using a separate sitemap with only difference is that coffee machine item is only in pckinzley sitemap.

another way would be to make a rule that checks the order some dummy switches (dummy 1, dummy 2, dummy 3 …) are clicked on - if right order = pincode is pressed then item coffee machine is visible for 30 seconds.
Would that be possible.?

I know of no way to have different login credentials for different sitemaps. The best I can recommend is to set up another web server, implement credentials on that web server, and create your own web page that calls the openHAB through the REST API. There is a whole lot of other stuff you have to do to secure this though. It is not a small project.

Does someone know if in OH2 they planned to introduce user->sitemap restriction?

I think that this feature would open to many new possibilities: we could implement openhab also in hotels and residence where we want to allow guest to use only devices in their apartment/room

1 Like