Summary: This section details how to configure a license key for accessing a Dashboard schema via a CAST dashboard web application (e.g. Engineering/Security Dashboard, RestAPI...). |
When you want to access a Dashboard schema, a special license key is required. This license key grants specific access to one or multiple Dashboard schemas for the web application in which the license key is installed. There are two types of license key:
See below for more information about each.
Users that have been granted the ADMIN role do not require a license key to access a Dashboard schema. A user with the ADMIN role can ONLY use the dashboard for validating new snapshots during the initial application on-boarding process. The ADMIN role MUST NOT be used for on-going end-user use of the dashboard. |
The current license key was introduced in January 2022:
This type of key restricts users as follows:
The legacy key is accepted in all Dashboards regardless of release:
This key restricts users via a token system in two ways:
|
All existing valid legacy license keys will function exactly as they are intended, however, if you are using one, users with the ADMIN role will now see a message explaining that a new license key type exists and that you should contact support to get more details. This message can be ignored for the time being, and all functionality will remain available:
A license key can only be generated by CAST Support. Please open a new ticket and request a license key for your CAST Dashboards.
A specific license key UI is available. To access it browse to the following location - your login must have the ADMIN role:
http://<server>:8080/<dashboard>/authorisation/index.html |
Or use the following option:
The interface is available in the License tab:
Enter your license key using the Edit option:
If you are using the standalone RestAPI JAR/WAR without a UI, you can define your license key using the legacy "license.key" file method for 1.x and 2.0 - 2.4 described below, or using the RestAPI itself. |
When a key is successfully entered, the UI will update to show the license key details:
WAR 1.x CATALINA_HOME\webapps\<dashboard>\WEB-INF\license.key WAR ≥ 2.x CATALINA_HOME\webapps\<dashboard>\WEB-INF\classes\license.key ZIP ≥ 2.x <unpacked_zip>\configurations\license.key JAR ≥ 2.x Windows: %PROGRAMDATA%\CAST\Dashboards\<dashboard>\license.key Linux: /root/ProgramData/CAST/Dashboards/<dashboard>/license.key |
Following any changes you make, restart your application server so that the changes are taken into account.
This "legacy" method is still available for users of v. ≥ 2.5 but we would encourage you to use the UI method described above. |
Use the following URI in PUT mode:
http://<server>:<port>/rest/server/license |
With the following .JSON payload:
{
"key": "<license_key>"
} |
To check whether a license key has been successfully installed in the web application, you can use the RestAPI interface. Open a browser and go to the following URL, ensuring that you modify it to conform to your environment:
WAR: http://<server>:<port>/<dashboard>/static/default.html JAR/ZIP: http://<server>:<port>/static/default.html |
Login (using the Basic Authentication field with any user (it does not have to be a user that has the ADMIN role)). Now enter "server" in the URI field and click Submit:
The result will be shown in the Response (Pre-view) tab. In this example, you can see that a restricted license key has been installed:
Note that the following statuses may be returned:
| Use Case | Status | Description |
|---|---|---|
| No License | NO_LICENSE_KEY | No license has been input in the UI (current license type) or no license.key file exists at the expected location (legacy type). |
| INVALID_LICENSE_KEY | The license.key file exists at the expected location but the license key itself does not conform to the expected format. | |
| CANNOT_ACCESS_LICENSE_KEY | The license.key file exists at the expected location but the license key itself does not exist. | |
| INVALID_LICENSE_FILE | The license.key file exists at the expected location but the license key itself does not conform to the expected format. | |
| LICENSE_EXPIRED | Indicates that the license key has expired. | |
| Restricted License | RESTRICTED_LICENSE | A restricted license has been successfully installed (legacy type only). Note that a current license key is always listed as "RESTRICTED_LICENSE". |
| GLOBAL_ACCESS_TOKENS_EXCEEDED | The number of GLOBAL tokens on a restricted license has been exceeded (legacy type only). | |
| UNIT_ACCESS_TOKENS_EXCEEDED | The number of UNIT tokens on a restricted license has been exceeded (legacy type only). | |
| Unrestricted License | UNRESTRICTED_LICENSE | An unrestricted license has been successfully installed (legacy type only). |
If a user attempts to login to the dashboard when no license key has been configured, the following message will be displayed:
| Note that users that have been granted the ADMIN role do not require a license key to access a Dashboard schema. Out of the box, no user in Default Authentication mode has this role. |
The current license key type has no concept of RESTRICTED vs UNRESTRICTED unlike a legacy type license key (note that the RestAPI will always report a current license key as "RESTRICTED" however). This means that if you are using a current license key type, there is no need to define data authorization using the license.xml file as is the case with a legacy license key type (explained in the section below). All data authorization can be managed via the built in UI as described in Data authorization - 2.x and above.
When using a current license key, the number of users that are authorized to use the CAST Dashboards is always specified in the key:
This is also shown in the UI:
The UI provides a list of users that have logged in to the Dashboard/RestAPI - each entry will consume 1 user license. In the example below, 4 users have logged in and the count of "Associated Users" reflects this:
In the example above, the number of users that have logged in to the Dashboard/RestAPI exceeds the number of authorized users (as defined in the license key) and in this situation a message will be displayed on every page in the dashboard as follows:
Click to enlarge
There are too many authorized users to connect to your Dashboard. To avoid this limitation, you can contact your CAST Administrator to update your licensing terms & conditions. |
If you receive the message described above, deleting users from the list of logged in users so that you conform to your licensing agreement will ensure that the message is removed:
| Deleting users from this list does not delete the user itself, it simply deletes the record of the logged in user to reduce the Associated User count. |
If you have installed a restricted license key (i.e. a key that specifies GLOBAL/UNIT tokens (legacy license key)), you can authorize named users to access either ALL the applications in all the target Dashboard schemas, or you can authorize named users to access a named Application in a specific Dashboard schema.
This authorization is achieved using the following XML file, which you can edit in a text editor - see Data authorization - 2.x and above and Data authorization - 1.x for more information:
WAR 1.x CATALINA_HOME\webapps\<dashboard>\WEB-INF\license.xml WAR ≥ 2.x CATALINA_HOME\webapps\<dashboard>\WEB-INF\classes\license.xml ZIP ≥ 2.x <unpacked_zip>\configurations\license.xml JAR ≥ 2.x Windows: %PROGRAMDATA%\CAST\Dashboards\<dashboard>\license.xml Linux: /root/ProgramData/CAST/Dashboards/<dashboard>/license.xml |
Authorization is achieved by adding a line into the file. Each line you add to file will use up ONE single user (or GLOBAL or UNIT token.
Note that when a RESTRICTED license key is installed, any authorizations that you have configured in the user interface (see Data authorization - 2.x and above) or in the authorizations.xml file (see Data authorization - 1.x) will be completely ignored. In other words:
|
Add the following line under the commented text to grant the user "James" access to ALL applications. Doing so will use ONE single GLOBAL token:
<!-- Each following line will consume a global access token --> <authorization user="James" allApplications="true"/> |
Following any changes you make, save the license.xml file and restart your application server so that the changes are taken into account.
Add the following line under the commented text to grant the user "John" access to the "MEUDON" Application stored in the "V83_CENTRAL" Dashboard schema. Doing so will use ONE single UNIT token:
<!--Each following line will consume a unit access token --> <authorization user="John" application="MEUDON" adgDatabase="V83_CENTRAL"/> |
Following any changes you make, save the license.xml file and restart your application server so that the changes are taken into account.
The situation listed below will cause you to be in breach of your license:
As such, a message will be displayed on every page in the dashboard as follows:
≥ 2.x There are too many authorized users to connect to your Dashboard. To avoid this limitation, you can contact your CAST Administrator to update your licensing terms & conditions. 1.x THIS SOFTWARE IS SUBJECT TO A LIMITED ACCESS. There are too many authorized users to connect to your Dashboard. To avoid this limitation, you can contact your CAST Project Manager to update your licensing terms & conditions. |
If you receive the message described above, you have two options: