Authentication

Overview

Out-of-the-box, CAST Imaging is configured to use Local Authentication via a simple username/password system provided by third-party component called Keycloak (see below for more information). A default CAST Imaging local user is provided (with the login credentials admin/admin and with the global ADMIN profile) so that installation can be set up initially.

To manage and configure authentication, i.e. to manage existing local CAST Imaging user credentials and the addition of new local users/groups, or to change the authentication system to interact with your in-house LDAP/Active Directory or SAML system, connect to the Keycloak authentication system using the following URL (pointing to the machine on which the imaging-services component is installed) and login with the Keycloak default credentials (admin/admin):

http://<imaging-services-fqdn>:8090/auth

CAST recommends configuring CAST Imaging to use your on-premises enterprise authentication system such as LDAP or SAML Single Sign-on, as detailed below:

Local Authentication

LDAP

SAML Single Sign-on

About Keycloak

CAST uses a third-party component called Keycloak to handle authentication for CAST Imaging. This component is installed automatically during the install process. Some technical information about Keycloak follows:

Keycloak is provided with default login credentials admin/admin allowing access to the authentication system only (they cannot be used to access CAST Imaging). CAST highly recommends changing the password for the Keycloak “admin” user using the following URL (pointing to the machine on which the imaging-services component is installed):

http://<imaging-services-fqdn>:8090/auth/realms/master/account/account-security/signing-in

Note that out of the box, the Keycloak credentials are the same (admin/admin) as the default local user login credentials provided for CAST Imaging - but they are entirely separate and distinct.

Product support

CAST supports this third-party component in the sense that tickets are created, and temporary or permanent fixes will be provided.

Version upgrades

When a permanent fix is required, CAST provides the latest corrections published by Keycloak.

Error management

CAST handles Keycloak errors when they are reported via support tickets.

Configuration and parameterization issues

As mentioned previously, CAST handles configuration issues when support tickets are created.

Software and security patching

When patching is required, CAST provides patches sourced from Keycloak.