The Dashboard relies upon the Basic Authentication feature of the web server to provide login security. Additionally, Role-Based Access Control (RBAC) uses that login string to provide additional functionality within the Dashboard. Without Basic Authentication in the web server, RBAC will not work in the Dashboard.
When RBAC is enabled (requires web server Basic Auth to be working fully), there are just two roles currently:
administrator - which gives
read-write access to everything to any valid login listed in the
"administrators":[] option in the
WEBROOT/html/config.json file.
operator - which is read-only and is the role given to anyone with a valid login
To enable login and password security for the Dashboard along with Role-Based Access Control (RBAC), be sure to do the following:
Deploy the correct Apache config to enable Basic Authentication
pointing to the WEBROOT/etc/.htpasswd file.
Please see Section 8.2.2, “Create the Dashboard-specific Web Server Configuration File” and ???.
Ensure that the WEBROOT/etc/.htpasswd file
contains one or more login/password pairs using the
htpasswd command.
Please see Section 8.2.4, “Populate Logins Using htpasswd”.
Configure the Dashboard RBAC via the
WEBROOT/html/config.json file to add logins from
the WEBROOT/etc/.htpasswd file to the
administrators JSON array.
Please see
Section 8.2.5, “Enable RBAC via config.json”.