Summary: This section describes how to configure data authorization in the CAST dashboards.

Introduction

An Authorization defines permission to access and "consume the data" in a specific Application or group of Applications via the CAST dashboards. If permission is not granted, or a "restriction" is used, then any information related to this Application will be not accessible: application properties such as name, technologies or grades and measures, etc. Therefore, an Authorization must be defined before a user/group of users can access a specific application:

Authorizations/restrictions when using the combined war/zip files

When you are using the the combined Health/Engineering WAR/ZIP files, please remember that data authorization is common to the Measurement schema (Health Dashboard) and Dashboard schema (Engineering Dashboard) defined in the dashboard connection properties. Therefore if you authorize "UserA" to view Application "B", then this is true for both dashboards delivered in the same WAR/ZIP file. The exception is when you are using a restricted license where authorizations for the Engineering Dashboard must be defined in license.xml - therefore authorizations for the Health Dashboard can differ to those defined for the Engineering Dashboard.

When you are using the combined WAR/ZIP file, authorizations/restrictions based only on Tags and Categories created solely for Measurement schemas (Tag and Categories are features that are not available for Dashboard schemas) WILL also be applied in the Engineering Dashboard for applications that exist in both schemas.

How is data authorization managed?

Data authorization is managed in different ways depending on the Dashboard release you are using:

≥ 2.x

Data authorization is managed using a graphical user interface. See Data authorization - 2.x and above:

Note that this user interface is also used to assign User roles - 2.x and above.


1.x

Data authorization is managed using a configuration file called authorizations.xml (and license.xml for those using a RESTRICTED license). See Data authorization - 1.x.

<root>
   <authorization user="guest" application="Billing platforms" adgDatabase="demo_central"/>
</root>