Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

The installation process is divided into various steps:

Step 1Unpack the ZIP file
Step 2

Configure the connection parameters

Step 3Install the license key
Step 4Install the Microsoft Windows Service to start/stop the application server - optional
Step 5Start the dashboard and test connection
Step 6Configure user authentication
Step 7First login and become admin - ≥ 2.1 only
Step 8Configure roles
Step 89Generate snapshot data for display
Step 910Configure data authorization

...

Anchor
step2
step2
Step 2 - Configure the connection parameters

Expand
Modify application.properties to define connection to CSS/PostgreSQL for AIP schemas

When the ZIP has been unpacked you now need to configure the application.properties file to tell the web application on which CAST Storage Service/PostgreSQL instance the Dashboard schemas are stored. This file is located here:

Code Block
<unpacked_zip>\configurations\application.properties

Locate the following section in the file:

Code Block
## DATASOURCE
# Resource1 is the datasource name used in domains.properties
# Adapt server name (localhost) and port (2282) if required
# You can add multiple datasources if you want to connect to multiple CSS Servers. Datasource name must be unique
# You have to configure your domains names and relative schema names in domains.properties
restapi.datasource[0].url=jdbc:postgresql://localhost:2282/postgres
restapi.datasource[0].username=operator
restapi.datasource[0].password=CastAIP
restapi.datasource[0].poolname=Resource1
restapi.datasource[0].minimumIdle=10
restapi.datasource[0].maximumPoolSize=20

If all your Dashboard schemas are located on one single CAST Storage Service/PostgreSQL instance then you need to modify the url, username and password entries to match your target CAST Storage Service/PostgreSQL, for example:

Code Block
## DATASOURCE
# Resource1 is the datasource name used in domains.properties
# Adapt server name (localhost) and port (2282) if required
# You can add multiple datasources if you want to connect to multiple CSS Servers. Datasource name must be unique
# You have to configure your domains names and relative schema names in domains.properties
restapi.datasource[0].url=jdbc:postgresql://192.168.200.104:2282/postgres
restapi.datasource[0].username=operator
restapi.datasource[0].password=CastAIP
restapi.datasource[0].poolname=Resource1
restapi.datasource[0].minimumIdle=10
restapi.datasource[0].maximumPoolSize=20

If your Dashboard schemas are located on multiple CAST Storage Services/PostgreSQL instances, you need to add in the additional servers as shown in the example below:

  • Ensure that you modify the url, usernamepassword and resource entries to match your target CAST Storage Service/PostgreSQL. In particular, the resource entry must be unique within the application.properties file.
  • The [0] must also be incremented for additional CAST Storage Service/PostgreSQL instances, for example, use restapi.datasource[1]restapi.datasource[2] etc.
Code Block
## DATASOURCE
# Resource1 is the datasource name used in domains.properties
# Adapt server name (localhost) and port (2282) if required
# You can add multiple datasources if you want to connect to multiple CSS Servers. Datasource name must be unique
# You have to configure your domains names and relative schema names in domains.properties
restapi.datasource[0].url=jdbc:postgresql://192.168.200.104:2282/postgres
restapi.datasource[0].username=operator
restapi.datasource[0].password=CastAIP
restapi.datasource[0].poolname=Resource1
restapi.datasource[0].minimumIdle=10
restapi.datasource[0].maximumPoolSize=20

restapi.datasource[1].url=jdbc:postgresql://192.168.200.105:2282/postgres
restapi.datasource[1].username=operator
restapi.datasource[1].password=CastAIP
restapi.datasource[1].poolname=Resource2
restapi.datasource[0].minimumIdle=10
restapi.datasource[0].maximumPoolSize=20

Save the file before proceeding.

Info
titleminimumIdle and maximumPoolSize

The following options are used to govern the connections from the web application to the target CAST Storage Service/PostgreSQL instance:

Code Block
restapi.datasource[0].minimumIdle=10
restapi.datasource[0].maximumPoolSize=20

CAST recommends using the default options unless you are experiencing performance issues. The options are used as follows:

minimumIdle

The minimum number of connections that should be kept in the pool at all times (even if there is no traffic). Default value is 10.  Idle connections are checked periodically.

maximumPoolSizeThe maximum number of active connections that can be allocated from this pool at the same time. The default value is 20.

See also Configure the Health Dashboard for large numbers of Applications.

Modify domains.properties

You now need to configure the domains.properties file which provides a link between the CAST Storage Services/PostgreSQL instances defined in the application.properties file and the Dashboard schemas containing the relevant snapshot data. This file is located here:

Code Block
<unpacked_zip>\configurations\domains.properties

This file is delivered empty as shown below:

Code Block
# Domains for SD
# empty lines in this file lead to connection error, remove all empty lines
# - You have to align [Resource1] with the resource name configured in application.properties
# - You have to replace [Central Schema1] by the central schema name
# - Domains names must be unique
# AED1=Resource1,[Central Schema1]
# AED2=Resource1,[Central Schema2]

For each Dashboard schema that you need to display in the CAST Security Dashboard, add one line to the file ensuring that there are no empty lines:

AED1This is known as the "domain" and this must be unique in the domains.properties file. Therefore for each Dashboard schema you need to display in the CAST Security Dashboard, you need to assign one unique domain. You can use any domain name notation you want, however, CAST highly recommends incrementing the number, i.e. AED1, AED2, AED3 etc.
Resource1This entry refers to the CAST Storage Service/PostgreSQL instance as defined in the application.properties file.
[Central Schema1]This entry refers to the Dashboard schema containing the relevant Application data.

For example, for one single Dashboard schema called "MEUDON_CENTRAL" stored in the CAST Storage Service/PostgreSQL instance defined in Resource1 in the application.properties file, add the following:

Code Block
# Domains for SD
# empty lines in this file lead to connection error, remove all empty lines
# - You have to align [Resource1] with the resource name configured in application.properties
# - You have to replace [Central Schema1] by the central schema name
# - Domains names must be unique
# AED1=Resource1,[Central Schema1]
# AED2=Resource1,[Central Schema2]
AED1=Resource1,MEUDON_CENTRAL

For multiple Dashboard schemas where all schemas are located in the same CAST Storage Service/PostgreSQL instance defined in Resource1 in the application.properties, add the following:

Code Block
# Domains for ED
# empty lines in this file lead to connection error, remove all empty lines
# - You have to align [Resource1] with the resource name configured in application.properties
# - You have to replace [Central Schema1] by the central schema name
# - Domains names must be unique
# AED1=Resource1,[Central Schema1]
# AED2=Resource1,[Central Schema2]
AED1=Resource1,MEUDON_CENTRAL
AED2=Resource1,SEVRES_CENTRAL
AED3=Resource1,PARIS_CENTRAL

For multiple Dashboard schemas where the schemas are located on different CAST Storage Services/PostgreSQL instances (Resource1 and Resource2) as defined in the application.properties file, add the following:

Code Block
# Domains for SD
# empty lines in this file lead to connection error, remove all empty lines
# - You have to align [Resource1] with the resource name configured in application.properties
# - You have to replace [Central Schema1] by the central schema name
# - Domains names must be unique
# AED1=Resource1,[Central Schema1]
# AED2=Resource1,[Central Schema2]
AED1=Resource1,MEUDON_CENTRAL
AED2=Resource2,SEVRES_CENTRAL
AED3=Resource2,PARIS_CENTRAL

Save the file before proceeding.

...

As explained in Dashboard Service license key configuration, when you want to access a Dashboard schema using the CAST RestAPI (i.e. via the Security Dashboard, or via the CAST Report Generator), a special license key is required. This license key grants specific access to one or multiple Dashboard schemas for the web application in which it is installed (i.e. the Engineering Dashboard or the CAST RestAPI).

...

Modify application.properties to define connection to CSS/PostgreSQL for the roles/permissions schema - ≥ 2.1 only

In ≥ 2.1 only, an interface exists to manage User roles - 2.x and above and Data authorization - 2.x and above - this interface stores all its records in a dedicated schema on a CAST Storage Service/PostgreSQL instance. This instance does not need to be the same as used for your AIP schemas (Dashboard/Measure schemas), however, the required schema is small and therefore CAST recommends using an existing CAST Storage Service/PostgreSQL instance to host it. The schema is created automatically when you start up your Dashboard deployment if it does not already exist.

The application.properties file contains a section dedicated to this schema - this file is located here:

Code Block
<unpacked_zip>\configurations\application.properties

Locate the following section in the file:

Code Block
#datasource configuration for user management
spring.datasource.url=jdbc:postgresql://localhost:2282/postgres?currentSchema=cast_dashboards
spring.datasource.platform=postgres
spring.datasource.username=operator
spring.datasource.password=CastAIP
spring.datasource.initialization-mode=always
spring.datasource.driver-class-name=org.postgresql.Driver
spring.liquibase.change-log=classpath:db/changelog/db.changelog-master.xml
spring.liquibase.default-schema=cast_dashboards
spring.liquibase.enabled=true

Change the line spring.datasource.url=jdbc:postgresql://localhost:2282/postgres?currentSchema=cast_dashboards to match the CAST Storage Service/PostgreSQL instance you intend to use for the roles/permissions schema, for example:

Code Block
#datasource configuration for user management
spring.datasource.url=jdbc:postgresql://192.168.200.104:2282/postgres?currentSchema=cast_dashboards
spring.datasource.platform=postgres
spring.datasource.username=operator
spring.datasource.password=CastAIP
spring.datasource.initialization-mode=always
spring.datasource.driver-class-name=org.postgresql.Driver
spring.liquibase.change-log=classpath:db/changelog/db.changelog-master.xml
spring.liquibase.default-schema=cast_dashboards
spring.liquibase.enabled=true

Save the file before proceeding. This will ensure that a schema called "cast_dashboards" is created on the target CAST Storage Service/PostgreSQL instance when you start the web application.

Anchor
step3
step3
Step 3 - Install the license key

As explained in Dashboard Service license key configuration, when you want to access a Dashboard schema using the CAST RestAPI (i.e. via the Security Dashboard, or via the CAST Report Generator), a special license key is required. This license key grants specific access to one or multiple Dashboard schemas for the web application in which it is installed (i.e. the Engineering Dashboard or the CAST RestAPI).

You must therefore install the license key and, if you are using a restricted license key, define data access authorization. These two steps are explained in Dashboard Service license key configuration in the sections How do I install a license key? and How to authorize users when using a RESTRICTED license key.

...

Expand

If you have deployed the ZIP file on Microsoft Windows and would like to control the application server via a Microsoft Windows Service, CAST provides an installation batch script to do this for you. Locate the following file:

Code Block
<unpacked_zip>\dashboard-service-install.bat

Double click this file to start the service installation. You may be prompted to accept a UAC warning:

On completion the service will be listed as CAST Dashboard Service with a startup type set to Automatic, log on as Local System and will not be running:

Image Modified

Info
  • The installer requires:
    • Java JDK/JRE ≥ 8
    • a JAVA_HOME system environment variable pointing to the installation location of the Java JDK
  • The .bat installer will configure the service to use the <unpacked_zip>\amd64\dashboard-service.exe. You may want to ensure that the unpacked zip file is in an appropriate location.
  • You can change the log on as, after the install has completed by right clicking the service and changing the options in the Log On tab:

  • The installer will set the service to use the following RAM memory - you may find that this is not sufficient. See Apache Tomcat performance considerations for information about memory requirements.
    • Initial memory pool = 256MB
    • Maximum memory pool = 1024MB


...

By default the dashboard is configured to run on port 8080 (this can be changed, see Modify the user access port for 2.x ZIP deployments). Use the following URL - where <server_name> is equal to the host name of the current server to access the dashboard. If you are testing on the server itself, you can use http://localhost:8080:

Code Block
http://<server_name>:8080

You should see the login page as follows - this indicates that the initial setup was successful:

Image Removed

Info
Error messages are documented in Error Messages.

...

This step involves configuring how your users will authenticate with the CAST Security Dashboard. Most organizations opt for LDAP/Active Directory integration so that users can use their corporate username/password to access the resources they need. The Security Dashboard also has a built in username/password authentication mechanism which is enabled "out of the box". See User authenticationthe host name of the current server to access the dashboard. If you are testing on the server itself, you can use http://localhost:8080:

Code Block
http://<server_name>:8080

You should see the login page as follows - this indicates that the initial setup was successful:

Image Added

Info
Error messages are documented in Error Messages.

Anchor
step6
step6
Step 6 - Configure user authentication

This step involves configuring how your users will authenticate with the CAST Security Dashboard. Most organizations opt for LDAP/Active Directory integration so that users can use their corporate username/password to access the resources they need. The Security Dashboard also has a built in username/password authentication mechanism which is enabled "out of the box". See User authentication.

Anchor
become_admin
become_admin
Step 7 - First login and become admin - ≥ 2.1 only

By default, the CAST Dashboard requires that at least one user is granted the ADMIN role following the first login after the User authentication configuration. This ensures that one user can access all data and cofiguration settings. See First login and become admin. This step is not required when using Dashboards 1.x and can be skipped.

Anchor
step7
step7
Step

...

8 - Configure roles

This step involves configuring roles for users and groups that are accessing the CAST Security Dashboard. See User roles.

Anchor
step8
step8
Step

...

9 - Generate snapshot data for display

Before your users can "consume" data via the CAST Security Dashboard, you need to generate snapshot data.

Anchor
step9
step9
Step

...

10 - Configure data authorization

An Authorization defines permission to access and "consume the data" in a specific Application or group of Applications via the CAST Security Dashboard. If permission is not granted, or a "restriction" is used, then any information related to this Application will be not accessible: application properties such as name, technologies or grades and measures, etc. Therefore, an Authorization must be defined before a user/group of users can access a specific application. See Data authorization.

...