Security Limitations

Continuent Tungsten Dashboard has the following security limitations:

warning

THERE IS NO API SECURITY in versions less than v7.0.0 - If you enable the API on the Manager, anyone may connect to it. Use your firewall to block port 8090 from non-essential hosts.

warning

SSL (https) is not supported on the Manager API endpoint in versions less than v7.0.0

warning

Please use Apache Basic Auth to lock down access to the Tungsten Dashboard GUI.

warning

SSL (https) configuration for the Tungsten Dashboard is possible, but is beyond the scope of this document.

warning

Locking only works on a single web server host, so if you have installed the Tungsten Dashboard on more than one host, the lock is not shared and is therefore ineffective.