This documentation section provides the following information:
- How to connect and login to the Security Dashboard
- What sort of information is displayed in the dashboard
- A simple explanation of the dashboard interface
If you need to know more about how to deploy the Security Dashboard, please see: Deploy the CAST Security Dashboard.
Connecting to the Security Dashboard
To connect to the Security Dashboard, browse to the URL provided by your CAST Administrator. This will usually be in the following format:
http://<server>:[port]/CAST-Security
The login page will then be displayed:
Logging in/logging out
Login
To login to the Security Dashboard
- Enter USERNAME and PASSWORD
- Click Log In button.
Depending on the authentication mode configured by the CAST AI Administrator (see Deploy the CAST Security Dashboard for more information) you need to login with a given username and password, or your corporate username and password. If in doubt, contact your CAST AI Administrator.
If for any reason a user cannot access the Security Dashboard (they do not have a login or they have forgotten their password), it is possible to configure a "Can't access" link to be displayed on the dashboard login page. Please see Lost password and request access configuration (from the CAST AIP documentation) for more information.
Login issues
This section describes some of the reasons why you may not be able to login to the dashboard:
The message displayed on login can be tailored to your own organization's needs. Please see Modifying login error messages (from the CAST AIP documentation) for more information.
Not authorized
If you are not authorized to view any data in the Security Dashboard, then upon login a message will be displayed as follows and no further use of the dashboard is allowed:
The data authorization is explained in Data authorization.
No license key
If you attempt to login to the Security Dashboard when no license key has been configured, the following message will be displayed:
Logout
Click the logout button to logout from the dashboard:
Session timeout mechanism
By default, a session timeout mechanism is in use. When the dashboard detects a session timeout (i.e. there is no GET or POST activity) users will be notified to continue the session (if within the timeout period) or log back in (if the timeout period has expired) to the system. On timeout, the following dialog box will be displayed - this indicates (in the upper right corner) how many seconds are remaining before a re-login will be required - the default remaining seconds is set to 10. Clicking Continue will return to the session without requiring a login:
Click to enlarge
If the Time left gets to 0, then the Continue button will be disabled and the re-login button will be activated. Clicking Re-login will return the user to the login screen where authentication is required to continue the session:
Click to enlarge
Note:
- When SAML/SSO authentication is in operation, users will be redirected to the dashboard home page (i.e. no need to re-login) when they click the Re-Login button.
- You can modify the remaining seconds before a login is required by editing the ced.json/ed.json file and adding the alertTimeoutInterval parameter. See Engineering Dashboard json configuration options for more information.
Check for update
Check for update option is available only for Admin users.
Clicking the Check for update option will display a dialog box showing the current Dashboard version information, and whether a new version is available:
