This page is no longer maintained and may contain obsolete information.
Access to the CAST portals is governed through users and roles on a "global portal" basis - i.e. user/role administration is accessible from each portal and is valid for each portal. CAST, however, recommends that you:
- Login to the CAST Discovery Portal to manage Discovery Portal users/roles
- Login to the CAST Engineering Dashboard to manage dashboard users/roles
As a result a user can login to either portal, depending on the rights and roles granted to it.
Managing users and roles
To manage users and roles:
CAST Engineering Dashboard | CAST Discovery Portal |
---|---|
Use the Quick Access page (Quick Access ) and select the Access to Users Administration Page in the Administrator Pages sub-section: | To manage users and/or roles, click Access to Users Administration Page located in the Discovery Portal Admin section: |
This will take you to the Users and Roles configuration section:
Note that changes made here are valid for both the CAST Engineering Dashboard and the CAST Discovery Portal.
Roles
To manage roles, click the Roles Administration option. This option enables a user with Administrator privileges to add, update and delete roles. Roles define:
- What information in the Portfolio Tree (on a per-branch basis) can be consulted
- What information in the Organization Tree (on a per-branch basis) can be consulted - only if an Organization Tree is uploaded
- Site Selection - this option is specifically for granting/denying access to certain CAST Analysis Services when using both the CAST Engineering Dashboard and the CAST Discovery Portal.
The following diagram indicates how roles function:
To configure roles, you need to populate the Dashboard Service with Quality Rule data via the generation of a snapshot - see Onboarding an Application in CAST AIP for more information.
Add a new role
- Click Add, then enter an Id and a Name for the role in the Details section (the Id can be used to describe the role in technical terms, the Name is a more simple way to describe the role) and choose a Responsibility level for the new Role:
- The Id can contain ONLY alphanumeric characters (A-Z, a-z and 0-9) and MUST NOT be left empty.
- The Name (simply a description of the role) can contain ONLY alphanumeric characters (A-Z, a-z and 0-9) and MUST NOT be left empty.
- The Responsibility level functions as follows:
End-user | Ability to display the results of the quality and quantity assessments |
End-user (without access to violations) | Ability to display the results of the quality and quantity assessments, excluding the list of violations |
Power User | End-user access with the ability to select a violation for exception |
Manager | Power-user access with the ability to select a violation for action |
Where multiple Roles are assigned to a single User, the most permissive Responsibility level is granted.
- Now move down to the lower sections Portfolio Tree Branch Selection, Organization Tree Object and Site Selection.
- The Portfolio Tree Branch Selection section lists the portfolio tree as defined in the CAST Management Studio. Select the branches that will be accessible for the new role:
- Repeat this process for the Organization Tree Selection section - this may be empty if you have not uploaded an optional Background Facts file in the CAST Management Studio - see Background Facts and Business Value Metric upload for more information.
- The Site Selection section will contain a list of CAST Analysis Services that have already been defined via the CAST Management Studio - this section is used for defining access to these CAST Analysis Services, for use when a user (with a role) uses the Technical Context link in the CAST Engineering Dashboard (see Deploy the CAST web applications).
- Select the site you want to grant the role access to:
- To create the new role, click the Save button. You will now return to the page that lists the Roles you have defined:
Note that the Assignment column indicates (with the value "Yes") whether any users have been given this role.
- Now click Back to return to the main Users Access Administration page
Update an existing role
- To update an existing role, click the Roles Administration option in the Users Access Administration page.
- Select the role you want to update by selecting the radio button that corresponds to the role:
- Click Update and make the changes you require. Remember to Save the modifications.
Delete an existing role
- To delete an existing role, click the Roles Administration option in the Users Access Administration page.
- Select the role you want to delete by selecting the radio button that corresponds to the role:
- Click Delete and confirm the removal.
Note that if the role has already been assigned to a user or users, you cannot delete the role. A message will indicate this and the delete action will not be carried out.
Users
To manage users, click the Users Administration option. This option enables a user with Administrator privileges to add, update and delete users. It is possible to define the following items for a user:
- User Id (a technical identifier, used in the Login field during initial dashboard login)
- Name (a simple way to describe the user - this is also displayed in the Dashboard header)
- Password (case-sensitive)
- Language (to be used on each page in the Dashboard - currently only English is fully available, other languages are partially available).
- A home page to be displayed when the user logs in
- Role (to define what information can be consulted)
The page lists the users that are already registered:
If you are using Active Directory / Kerberos integration or authentication (see CAST-CED - Active Directory LDAP and Kerberos integration) then you do not need to create a user for every person that needs access to the CAST Engineering Dashboard/CAST Discovery Portal.
Predefined users
As shown in the image above, CAST provides several pre-defined users. Content of the CAST Engineering Dashboard (i.e. what is displayed in the three tabs) is tailored to the needs of the user you are logging in with via various available Home Page views.
User and home page association
Username | User ID | Description | Home Page views used |
---|---|---|---|
CAST | CAST | Default administration user | FRAME_PORTAL_INVESTIGATION_VIEW |
Business Owner | OWNER | Primary concerns are the gain of visibility on critical applications to make arbitrage on risk, and anticipate problems | FRAME_PORTAL_RISK_VIEW |
VP App Dev | VPAD | Primary concerns are the gain of visibility on owned portfolios of applications to deliver on time on quality to different business people, while decreasing maintenance costs | FRAME_PORTAL_PORTFOLIO_VIEW |
Chief Architect | CARCH | Primary concerns are the gain of visibility on owned applications regarding their compliance to norms, standards, architectural design, etc. | FRAME_PORTAL_COMPLIANCE_VIEW |
Outsourced Project Manager | OPM | Primary concerns are the gain of visibility on delivered outsourced applications | FRAME_PORTAL_SLA_VIEW |
Consultant | CST | Primary concerns are the gain of visibility on audited applications | FRAME_PORTAL_ASSESSMENT_VIEW |
Technical Project Manager | TPM | Primary concerns are the gain of visibility on owned applications on both quality and quantity; regarding quality, this is about gaining visibility on improvements as well as degradations; regarding quantity, this is about gaining visibility on source code evolutions | FRAME_PORTAL_PROJECT_VIEW |
KeyUser | KEYUSER | Primary concerns are the definition of improvement areas regarding application quality, based on their expertise on the applications and the visibility on measured improvements and degradations. | FRAME_PORTAL_PROJECT_VIEW |
Chief Financial Officer | CFO | This user is ONLY relevant when the EFP/AFP (Enhancement Function Points/Assessment Function Points) license has been purchased. It provides access to a view that requires data that can only be accessed when the correct license is in place. If the correct license is not installed, then an error message will be displayed when you attempt to access the view informing you that you do not have rights to view the required data. | FRAME_PORTAL_AFP_VIEW |
- You can find out more information about each Home Page view in the CAST Engineering Dashboard - CED.
- Each pre-defined user is granted "Administrator" rights (i.e. can see everything and can manage sites, users and roles)
- All predefined users have the same password: "CAST".
Adding a new user
- To add a new user, click the Add button:
- Enter an Id - this is used in the Login field when accessing the dashboard. The Id can ONLY contain alphanumeric characters (A-Z, a-z and 0-9), but MUST NOT START with a numeric character (0-9). The field is limited to 11 characters or less and MUST NOT be left empty.
- Enter a name for the user - this is simply an easy way to describe the user and it is also displayed in the Dashboard header. The name can ONLY contain alphanumeric characters (A-Z, a-z, 0-9) and blank spaces. The field is limited to 200 characters or less and MUST NOT be left empty.
- Enter a password (passwords are case-sensitive). The password can ONLY contain alphanumeric characters (A-Z, a-z, 0-9), blank spaces, dots (.) and the at sign (@). The field is limited to 90 characters or less.
- Select a language (currently only English is fully available, other languages are partially available)
- Choose whether you want the user to have Administrator rights. Selecting this option will mean that the user can view all data (regardless of any roles), modify existing users and roles, create new users and roles and delete existing users and roles - use with care.
Note that a user with Administrator rights does not need to be assigned a role.
Enter a default home page using a frame name. When the new user logs in, the chosen home page will be displayed by default. CAST will pre-fill a default home page and you can either leave it as is or replace it with a different home page as required. You can find home page names simply by copying and pasting the information immediately after the ?frame= in the URL - you can find a description of each page in the CAST Engineering Dashboard - CED). Note that in the CAST Discovery Portal, the main page is FRAME_PORTAl_QUICKACCESS_AIP - if you omit a home page then this page will be sued by default.
You can also add extra parameters such as &object=, &snapshot=, &metric= (copied and pasted from the page you are targeting).
If you have created a role then you can also assign a role to the user. This will mean that the user will only be able to see the information that corresponds to the items you selected during the creation of the role.
- To create the new user, click the Save button. You will now return to the page that lists the Users you have defined:
Note that the Access role assigned? column indicates (with the value "Yes") whether the user has been assigned a role.
- Now click Back to return to the main Users Access Administration page.
Update an existing user
- To update an existing user, click the Users Administration option in the Users Access Administration page.
- Select the user you want to update by selecting the radio button that corresponds to the user:
- Click Update and make the changes you require. Remember to Save the modifications.
Please make sure you always retain one user with Administrative rights.
It is NOT possible to update the CFO user (in particular its password) if the EFP/AFP (Enhancement Function Points/Automatic Function Points) license has NOT been purchased and installed. It provides access to a view that requires data that can only be accessed when the correct license is in place. As such, when a change is made to the CFO user, access to the view is verified by the CAST Engineering Dashboard. If access fails (i.e. because the correct license is not installed), then you cannot save the changes you have made.
Delete an existing user
- To delete an existing role, click the Roles Administration option in the Users Access Administration page.
- Select the user you want to delete by selecting the radio button that corresponds to the user:
- Click Delete to remove the user.
Please make sure you always retain one user with Administrative rights.