How to enable passwordless login to access Foglight Dashboards? (NoLoginUser)
NOTE: The 220.127.116.11 FMS release and newer provide an auth token method to provide proper security for direct dashboard access (no login). Please use this method when on version 18.104.22.168 or newer. Reference the "No login view authentication" for sending a HTTP request to Foglight for a dashboard view. The auth token is entered into the URL for the desired dashboard.
If your FMS version is < 22.214.171.124, read further noting security caveat warning.
The No-Password login option allows you to login as a special user, without providing a password.
This feature is not on by default and will only be activated if the user is created.
“WARNING - This feature seriously weakens the security of the server. This warning should be clearly stated in all documentation about this feature. The vast majority of views in Foglight have no role restrictions. This means when this feature is activated all of these views become accessible by the NoLoginUser.”
Start by checking the default server installation does not allow login before setting up the NoLoginUser.
o Attempt to login using "NoLoginUser", "abcdefg1" - you should not be able to login without previously setting up the user.
o Attempt access to a dashboard with the direct URL. You should be prompted with a login dialog. "NoLoginUser", "abcdefg1" should not give access to the view.
0. login as 'foglight' user and go to Administration | Users & Security | Manage Users,Roles,Groups
1. create a foglight user called 'NoLoginUser' with the password 'abcdefg1'
2. create a foglight role called 'NoLoginRole'
3. create a foglight group called 'NoLoginGroup'
4. add the 'NoLoginUser' to the 'NoLoginGroup'
5. assign the 'NoLoginRole' and 'Console User' roles to the 'NoLoginGroup'
NOTE: Reference attached screenshots of the User, Groups, and Roles of a defined NoLoginUser.
6. Open the dashboard/view that the NoLoginUser will be accessing.
Open Actions Panel (right side) | General tab | Properties | select 'Link to this Page' and copy the Reference Id of the view.
7. Build the URL that will be used to access the view.
7. Sign Out. Paste into browser the URL that you built above to access the page - access of the page will occur as the 'NoLoginUser' with no other user interaction.
Reference ID example: user:foglight.54
The NoLoginUser is intended to display views with no user interaction, so a view such as "Alarm List with Filter - Alarm List" will fail to display all data because this view requires user input/interaction. Enhancement request FGLUI-8223 has been filed to enhance this ability.
FGLUI-8223 - "Views do not show properly when using NologinUser"
As a workaround, grant access (Allowed Roles) to the NoLogin Role on the view. See following as an example:
a. To give access to the restricted view on the Alarms page navigate to Configuration->Definitions. Select the Alarms module and select the view "Alarm List with Filter - Alarm List" (there are many with similar names, make sure you select the correct one).
b. Edit the view Alarm List with Filter - Alarm List
c. Under Allowed Roles select the NoLoginRole created above. Make sure to select all other Roles that you want to continue to have access to this View.
d. Save the view, logout as Foglight user and retry the URL. The NoLogin user should now be able to see this tab on the Alarms view.
e. Repeat this procedure for other Views as needed.