Chapter 7. Enabling Dashboard Security

The Dashboard relies upon the Basic Authentication feature of the web server to provide login security. Additionally, Role-Based Access Control (RBAC) uses that login string to provide additional functionality within the Dashboard. Without Basic Authentication in the web server, RBAC will not work in the Dashboard.

When RBAC is enabled (requires web server Basic Auth to be working fully), there are just two roles currently:

  • administrator - which gives read-write access to everything to any valid login listed in the "administrators":[] option in the WEBROOT/html/config.json file.

  • operator - which is read-only and is the role given to anyone with a valid login

To enable login and password security for the Dashboard along with Role-Based Access Control (RBAC), be sure to do the following: