Page tree
Skip to end of metadata
Go to start of metadata

Summary: This section details how to configure a license key for accessing a Dashboard schema via a CAST dashboard web application (e.g. Engineering/Security Dashboard, RestAPI...).

Introduction

When you want to access a Dashboard schema, a special license key is required. This license key grants specific access to one or multiple Dashboard schemas for the web application in which the license key is installed. There are two types of license key:

  • current (introduced in January 2022)
  • legacy

See below for more information about each.

Users that have been granted the ADMIN role do not require a license key to access a Dashboard schema. A user with the ADMIN role can ONLY use the dashboard for validating new snapshots during the initial application on-boarding process. The ADMIN role MUST NOT be used for on-going end-user use of the dashboard.

Current license type

The current license key was introduced in January 2022. Some examples are shown below:

This type of key restricts access as follows:

  • Scope = either the number of Contributing Developers (aka 'CDs') or else the name of an Application along with its size (#LOC) and complexity (used technologies)
  • Period = the duration of the purchased License, the most typical terms being 3 months, 1 year, 3 years, 5 years, and perpetual

This type of key restricts users are follows:

  1. Purchased CAST data = INSIGHT (stands for Imaging and/or any of the 3 Dashboards: these are defined as P1=Imaging, P2=Health, P3=Engineering, P4=Security)
  2. Named user for consumption = individual with a non-floating, unique and personal access rights to the purchased CAST data
  3. Period = the duration of the purchased License, the most typical terms being 3 months, 1 year, 3 years, 5 years, and perpetual

Legacy license type

The legacy key is accepted in all Dashboards regardless of release:

This key restricts users via a token system in two ways:

  1. A GLOBAL token is consumed for each named user authorized to access "All Applications" in all the target Dashboard schema(s) - for example an Architect
  2. A UNIT token is consumed for each named user authorized to access a named Application in a specific Dashboard schema - for example a Project Leader
  • A RESTRICTED key will have a specific number of GLOBAL and UNIT tokens assigned to it. In the example above, "2/4" tokens is equal to 2 GLOBAL tokens and 4 UNIT tokens.
  • An UNRESTRICTED key will not specify the number of GLOBAL and UNIT tokens assigned to it. In the example above, "2/4" tokens section is replaced by "Unrestricted".
  • This legacy license key is not limited in time and can be used indefinitely.

UI behaviour when using a legacy license key

All existing valid legacy license keys will function exactly as they are intended, however, if you are using one, users with the ADMIN role will now see a message explaining that a new license key type exists and that you should contact support to get more details. This message can be ignored for the time being, and all functionality will remain available:

Where do I obtain a license key from?

A license key can only be generated by CAST Support. Please open a new ticket and request a license key for your CAST Dashboards.

How do I install a new or edit an license key?

≥ 2.5 UI method

A specific license key UI is available. To access it browse to the following location - your login must have the ADMIN role:

http://<server>:8080/<dashboard>/authorisation/index.html

Or use the following option:

The interface is available in the License tab:

Enter your license key using the Edit option:

If you are using the standalone RestAPI JAR/WAR without a UI, you can define your license key using the legacy "license.key" file method for 1.x and 2.0 - 2.4 described below, or using the RestAPI itself.

1.x and 2.0 - 2.4 - legacy license.key file method

  • First create a new empty text file
  • Rename the new text file license.key
  • Now open the text file in a text editor and paste the license key that you have been sent into the first line.
  • Save the license.key file.
  • Now copy or move the license.key file to the following location:
WAR 1.x
CATALINA_HOME\webapps\<dashboard>\WEB-INF\license.key

WAR ≥ 2.x
CATALINA_HOME\webapps\<dashboard>\WEB-INF\classes\license.key

ZIP ≥ 2.x
<unpacked_zip>\configurations\license.key
  • Following any changes you make, restart your application server so that the changes are taken into account.

This "legacy" method is still available for users of v. ≥ 2.5 but we would encourage you to use the UI method described above.

Using the RestAPI (any release)

Use the following URI in PUT mode:

http://<server>:<port>/rest/server/license

With the following .JSON payload:

{
	"key": "<license_key>"
}

How can I check whether a license key has been successfully installed?

To check whether a license key has been successfully installed in the web application, you can use the RestAPI interface. Open a browser and go to the following URL, ensuring that you modify it to conform to your environment:

WAR:
http://<server>:<port>/<dashboard>/static/default.html

JAR/ZIP:
http://<server>:<port>/static/default.html

Login (using the Basic Authentication field with any user (it does not have to be a user that has the ADMIN role)). Now enter "server" in the URI field and click Submit:

The result will be shown in the Response (Pre-view) tab. In this example, you can see that a restricted license key has been installed:

Note that the following statuses may be returned:

StatusDescription

UNRESTRICTED_LICENSE

An unrestricted license has been successfully installed.

RESTRICTED_LICENSE

A restricted license has been successfully installed.
GLOBAL_ACCESS_TOKENS_EXCEEDEDThe number of GLOBAL tokens on a restricted license has been exceeded.
UNIT_ACCESS_TOKENS_EXCEEDEDThe number of UNIT tokens on a restricted license has been exceeded.

NO_LICENSE_KEY

No license.key file exists at the expected location.
INVALID_LICENSE_KEYThe license.key file exists at the expected location but the license key itself does not conform to the expected format.
CANNOT_ACCESS_LICENSE_KEYThe license.key file exists at the expected location but the license key itself does not exist.
INVALID_LICENSE_FILEThe license.key file exists at the expected location but the file is invalid or corrupt.

How to authorize users when using a RESTRICTED license key

If you have installed a restricted license key (i.e. a key that specifies the number of GLOBAL/UNIT tokens), you can authorize named users to access either ALL the applications in all the target Dashboard schemas (a GLOBAL token), or you can authorize named users to access a named Application in a specific Dashboard schema (a UNIT token).

This authorization is achieved using the following XML file, which you can edit in a text editor - see Data authorization for more information:

WAR 1.x
CATALINA_HOME\webapps\<dashboard>\WEB-INF\license.xml

WAR ≥ 2.x
CATALINA_HOME\webapps\<dashboard>\WEB-INF\classes\license.xml

ZIP ≥ 2.x
<unpacked_zip>\configurations\license.xml

JAR ≥ 2.x
Windows: %PROGRAMDATA%\CAST\Dashboards\<dashboard>\license.xml
Linux: /root/ProgramData/CAST/Dashboards/<dashboard>/license.xml

Authorization is achieved by adding a line into the file. Each line you add to file will use up ONE single GLOBAL or UNIT token.

Note that when a RESTRICTED license key is installed, any authorizations that you have configured in the authorizations.xml file (see Data authorization) will be completely ignored. In other words:

  • only the authorizations listed in license.xml will be taken into account when a RESTRICTED license is installed.
  • it is not possible to define authorizations based on groups, the allUsers scope, patterns, tags, categories etc. when a RESTRICTED license is installed.

Authorize a named user to access ALL Applications in ALL the target Dashboard schemas

Add the following line under the commented text to grant the user "James" access to ALL applications. Doing so will use ONE single GLOBAL token:

<!-- Each following line will consume a global access token -->
<authorization user="James" allApplications="true"/>

Following any changes you make, save the license.xml file and restart your application server so that the changes are taken into account.

Authorize a named user to access a named Application in a target Dashboard schema

Add the following line under the commented text to grant the user "John" access to the "MEUDON" Application stored in the "V83_CENTRAL" Dashboard schema. Doing so will use ONE single UNIT token:

<!--Each following line will consume a unit access token -->
<authorization user="John" application="MEUDON" adgDatabase="V83_CENTRAL"/>   

Following any changes you make, save the license.xml file and restart your application server so that the changes are taken into account.

What happens on a RESTRICTED license key if I authorize more users than I am licensed for?

Take the following situation:

  1. You are using a RESTRICTED license key (i.e. a key that specifies the number of GLOBAL/UNIT tokens)
  2. You are limited to 2 GLOBAL tokens (2 users with ALL Application authorization) and 5 UNIT tokens (5 users with named Application authorization) on your license key
  3. You authorize (via the license.xml file) either:
    1. 3 users to access ALL Applications
    2. 6 users to access a named Application

In either situation you are in breach of your license. A message will be displayed on every page in the dashboard as follows:

THIS SOFTWARE IS SUBJECT TO A LIMITED ACCESS.
There are too many authorized users to connect to your Dashboard.
To avoid this limitation, you can contact your CAST Project Manager to update your licensing terms & conditions.

What should you do when you receive the "limited access" message?

If you receive the message described above, you have two options:

  1. Review and reconfigure the users that have been authorized to access data in the Dashboard schema using the license.xml file - i.e. decrease the number of users that have been granted access.
  2. Contact the CAST Consultant responsible for your project, or contact your Account Manager to request an update to your license.

What happens if I attempt to access data when no license key is present?

If a user attempts to login to the dashboard when no license key has been configured, the following message will be displayed:

Note that users that have been granted the ADMIN role do not require a license key to access a Dashboard schema. Out of the box, no user in Default Authentication mode has this role.



  • No labels