Configuration files
The file /etc/eltex-wifi-cab/system.xml contains settings to connect to MongoDB, NBI and authorization service.
- Connecting to MongoDB:
<entry key="mongoaddress">mongodb://localhost:27017/wifi-customer-cab</entry>
- Connecting to NBI (address, login, password):
<entry key="nbiaddress">http://localhost:8080/axis2/services/RadiusNbiService?wsdl</entry> <entry key="nbi.serviceLogin.user">softwlc_service</entry> <entry key="nbi.serviceLogin.password">softwlc</entry>
- Connecting to Admin Panel users authorization service:
<entry key="radius.auth.address">localhost</entry> <entry key="radius.auth.shareSecret">testing123</entry> <entry key="radius.auth.authPort">21812</entry> <entry key="radius.auth.acctPort">21813</entry>
GUI settings
The section "Settings" contains general settings of Wi-Fi B2B Admin Panel and allows creating its roles and users lists, configuring domains and interacting with other platform elements.
The section "Settings" contains 6 tabs:
- "System";
- "Domains tree";
- "System users";
- "System roles";
- "Server addresses";
- "RADIUS clients".
Each tab is responsible for a certain group of settings. An opportunity to edit most settings is available only for a user with the role of a system administrator.
System
To save changes, click the button "Save", located at the top of the page. Settings are applied immediately, service restart is not needed.
System
The tab "System" is the main tab for the Wi-Fi B2B Admin Panel configuration.
- Upload icon — allows uploading a favicon for the Admin Panel.
- Applicaton header— allows specifying a header for the page in a browser.
- Language of GUI and system messages – 2 languages are available: English (en-US), Russian (ru_RU). For GUI changes to be applied, pass authorization again.
- Count of wrong attempts of input operator's login and password, after which a temporary block of access by IP will be executed – the parameter keeps the number of invalid inputs upon exceeding of which an opportunity to enter credentials will be stopped for 10 minutes (password sniffing protection).
- Regular expression to validate phone number – allows specifying a regular expression to validate phone number when creating a Wi-Fi user. The system comes with a regular expression that allows only mobile phone numbers in the international format.
- Unified network domain – used when there are no subdomains in the system. When checked, all user accounts will be located in the root domain. The mode makes working with the interface easier when the system is used to service one organizations without subsidiaries.
- Pop-up messages show time – a time period (in seconds) during which a warning pop-up window is displayed.
- Max time of storing of records in the Event log, in weeks– the maximum possible number of events in the event log. On exceeding of this limit, old entries will be deleted. By default, this period is two weeks.
- Shaper settings at "Domains tree – enabling shaper settings on access poins installed within the same domain the Domains tree. Shaper data work when there is a link between SoftWLC and ESR-1000 (SoftWLC configures shapers on ESR-1000 to which the group of access points is connected).
- SORM-2 settings at "Domains tree" – enabling the setting for RADIUS traffic sending for SORM-2.
- Auto activating voucher after creation – automatic activation of vouchers after creating. If the option is not enabled, all created vouchers will be deactivated. To activate them, fill in the fields "Login" + "Phone number" or "Passport data".
- Maximum time of inactivity – a timeout upon exceeding of which a user is logged out. If a user performs some actions in the Admin Panel, the idle time counter is reset.
- Use caching in statistics panels – allows saving statistics samplings in order not to gather data again when switching the tabs.
- Maximum caching lifetime in statistic panels, in min –statistics cache storage time.
- Return period (for user statistics).
- Maximal time of storing reports in hours – time period during which reports are stored on the server. On exceeding this timeout, a report requested by a user will be deleted.
- Maximal count of downloading reports at the same time – if this number is exceeded, new users that try to download a report will have to wait.
- Show ICMP diagram – when checked, an opportunity to view diagrams showing ICMP results on device accessibility in the tab "Access points".
- Show SNMP diagram – when checked, an opportunity to view diagrams showing SNMP results on device accessibility in the tab "Access points".
Integration
- PCRF URL – ELTEX-PCRF address.
- NGW Client URL – address of eltex-ngw service to send notifications via SMS or e-mail.
- Portal constructor URL – Portal Constructor address available for users from an external network. The parameter is applied for users to access the Portal Constructor.
- Portal constructor local URL – Portal Constructor address available within the core (from the Admin Panel server). Used to pass users' credentials to the Portal Constructor. If this address is equal to Portal constructor URL, leave this field empty. Interaction is carried out via HTTP.
- Disable certificate check – disables HTTPS certificate check when a user goes to the Portal Constructor.
- Marketing customer place URL – advertising platform address. Is used to move to advertising platform personal account.
- Maps tiles server – selecting a service that provides maps to which access points' locations will be projected.
- Maps segmentation – configuring a grid used for access points grouping when a scale is changed. When the number of segments is decreased, access points are clustered in sparse groups, the number of groups on the map decreases. When the number of segments is increased, groups become smaller, and the number of them increases. Valid values are between 3 to 30, recommended ones are from 6 to 12.
Tables
Configuring the fields that are obligatory when creating Wi-Fi users' accounts.
Notifications
In this section, sending e-mail and SMS notifications to users is configured. To enable the service, check an appropriate checkbox.
- Template for Email letter theme – a title of letters sent to Wi-Fi users.
- Template for Email letter when account creating — allows specifying a text of a letter sent on account creation.
- Template for SMS being sent to new user – allows specifying a text of an SMS sent on account creation.
- Template for Email letter when account editing –allows specifying a text of a letter sent on account editing.
- Template for SMS notification on account modification – allows specifying a text of an SMS sent on account editing.
- Template for Email letter when account deleting – allows specifying a text of an SMS sent on account deletion.
- Template for SMS notification about account deactivation – allows specifying a text of an SMS sent on account deletion.
B2B clients notifications
In this section, notifications on platform maintenance (causing access interruptions) that are sent to Admin Panel users (for Platform administrators and B2B clients having Admin Panel user accounts) are configured.
- Letter header – a header of a letter sent to Admin Panel users.
- Template for B2B – a template for a letter notifying of platform maintenance.
Client
Technical support data – allows specifying a text displayed on the page "About".
Domains tree
In this section, the Wi-Fi platform domains are managed.
Domains – string identifiers by which separation of access rights for SoftWLC monitoring and management is performed.
Domains structure – a hierarchy according to which parent elements contain child elements. A first-level domain is called a root domain. For federal-level projects, the domain "root" is recommended.
A domain name should consist of digits and Latin letters. A length of each element should not exceed 63 symbols. Total length of a domain in string representation should not exceed 255 symbols. A point should be a separator (in string representation).
A root domain is specified by a system administrator during installation and cannot be replaced with another one later!
A table presented in the interface allows viewing a structure and elements of a domain tree.
A domain of a Wi-Fi user implies that a user belongs to a group and serves as a part of a pair login@domain that is a unique identifier of a user account within the Platform.
There are three types of domains in SoftWLC: Ap, Service, Both. If it is required to put access points and Wi-Fi users into different domains, access points should be put into domains with "Ap" type, and users should be put into domains with "Service" type. If there is no such a need, access points and Wi-Fi users should be put into a domain with "Both" type. Separation of access points and Wi-Fi users allows more flexibility in providing statistics data access within a big project.
Creating a domain
When the button "Add" is clicked, a dialog window for adding a new domain that contains a defined set of parameters is opened. "Title", "Description", "Users Number limit". Parameters marked with "*" are obligatory. An attempt to save an entry with obligatory fields that are not filled in or filled in incorrectly will be rejected. Problem fields will be highlighted red.
- Title– domain name (it should be consistent with the rules described above);
- Description – free form description of a domain. The description will be displayed in widgets on other pages of the Admin Panel;
- Users number limit — the maximum number of Wi-Fi users that can be located in a certain domain or its subdomains. The parameter allows setting quotas on the number of service users for organizations' departments, subsidiaries or client organizations.
- Domain type — defines domain type.
- Timezone — domain timezone. The parameter is used to define a timezone where access points are installed. For example, it is required for scheduled operation of the portal.
When the number of Wi-Fi users in a domain or a subdomain is modified, the program interface verifies that the total number of subdomain users is not higher than the total number of domain ones. A warning message is displayed on the screen. The interface does not allow creating subdomains with quotas higher than their parent domains' quotas.
The following command buttons are available in the dialog for domain adding/editing:
- Confirm — confirm the changes;
- Cancel — cancel the changes.
Editing a domain
To edit a domain, select it from the table and click "Edit". A corresponding window will be opened. The following parameters can be edited: "Timezone", "Description" and "User Number limit".
Deleting a domain
To delete a domain, select it and click "Delete". A domain can be deleted only with all its parameters. Confirmation via entering a user account password is required.
When the button "Delete" is clicked, a warning with all domain entries to be deleted is displayed:
After clicking the button "Confirm", a password dialog will be displayed to confirm the operation.
Domain list visibility is limited to a domain of an operator. An operator of a subsidiary or an organization can view and manage only entries of its domain or subdomain. Entries of other domains are not available.
System users
The tab "System users" is implied to manage users (operators) of services included into SoftWLC. User accounts configured in this tab are used to access the Wi-Fi B2B Admin Panel and the Portal Constructor.
The tab allows creating, deleting and cloning accounts of system operators. If lists are long, it is convenient to use filters.
User list visibility is limited to a domain. An operator of a subsidiary or an organization can view and manage only entries of its domain or subdomain. Entries of other domains are not available.
Adding a user
When the button "Add" is clicked, a dialog window for adding a system user that contains a defined set of parameters is opened. All the parameters are obligatory. An attempt to save an entry with obligatory fields that are not filled in or filled in incorrectly will be rejected. Problem fields will be highlighted red. When a mouse is over a field, a prompt is displayed.The set of parameters:
- Login — the parameter is used as a unique identifier to enter the systems "Wi-Fi B2B Admin Panel" and "Portal Constructor";
- Password — a unique password to a user account;
- System role — user account belonging to one of the system roles;
- Domain — a domain to which a user will be added. Each user can have several domains.
- Client's timezone — all data will be displayed according to a timezone.
- End date — user account expiry date after which it cannot be used for authorization.
- Family/Name — additional user account parameters. The need for their usage is configured an the Admin Panel. The Admin Panel records by whom a Wi-Fi user account was created and edited.
- Mobile phone — a phone for notifications sending.
- Email — e-mail address for notifications sending.
- Description — information on an account.
One user account can have only one system role but several domains.
Cloning a user
When the button "Clone" is clicked, a dialog window for cloning a system user that contains a defined set of parameters is opened. The parameters "System role", "Domain" and "Client's timezone" are copied from the account to be cloned. The other parameters are specified manually.
Sending notifications
When the button "Notification" is clicked, a dialog window for sending e-mail notifications containing a message template specified in the menu "B2B clients notifications" is opened. In this window, a message can be edited for a certain case, and a domain to which a message will be sent can be selected.
Selecting a domain for a user
To select a domain for a user, a special widget showing a domain tree and a list of added domains is implemented.
- To add a new domain, select it in a tree.
- To delete a domain, click the icon .
Editing a user
When a checkbox on the left side of the table is checked for an entry, the button "Edit" is enabled. Click this button, and a dialog window similar to one for creating a user but including additional information on account creation date will be opened.
A user's login cannot be edited because the field "Login" is an entry identifier. If required, an entry can be deleted and created again.
Deleting a user
To delete an entry, check a corresponding checkbox and click "Delete". Thus, several entries can be selected and deleted simultaneously. If the checkbox in the table header is checked, the whole table will be selected.
Unable to delete "admin". Users cannot delete their own accounts, i.e. the accounts under which they enter the system.
System roles
The tab "System roles" is used to configure management roles. Role is a set of attributes that allows structuring the Wi-Fi B2B Admin Panel users' (operators') rights and simplifying rights configuration.
Each system role has a name, a set of main attributes defining user rights in the systems "Wi-Fi B2B Admin Panel" and "Portal Constructor" and an expanded list of attributes that specifies user rights for each page of a system. All these allow creating a flexible Platform resources management scheme. For example, there is an opportunity to configure roles of Platform super user, telecommunication provider, company client etc. There can be a local administrator within each group (with rights that do not extend beyond their domain), operators with "read" access and operators with "read and write" access to any platform resources.
Adding/editing a system role
When the button "Add" is clicked, a dialog window for adding a system role that contains a defined set of parameters is opened. Fields marked with "*" are obligatory. An attempt to save an entry with obligatory fields that are not filled in or filled in incorrectly will be rejected. Problem fields will be highlighted red. When a mouse is over a field, a prompt is displayed.
The following command buttons are available:
- Confirm — confirm the changes;
- Cancel — cancel the changes.
The privileges given to system roles are described in the section Description of Admin Panel and Portal Constructor users' privileges
Copying a role
Instead of creating a role from scratch, roles created before can be used. To do that, select a role and click "Copy".
A window similar to the role creating/editing one will be opened. A new name should be specified, and required parameters should be changed in it.
Deleting a role
To delete a role, select it and click "Delete". If a role is not used by existing users, it will be deleted after confirmation.
Server addresses
In the tab "Server addresses" an interface for registration of host addresses in multi-server installations is provided. IP addresses of all servers used for platform users authentication should be added to the table. That is, they are main and reserve addresses of hosts on which the systems "Wi-Fi B2B Admin Panel" and "Portal Constructor" are installed.
When all services are running on the same host and communicate via "localhost", address registration is not needed.
If the system is installed on several hosts, a primary address of a server with the "Wi-Fi B2B Admin Panel" installed can be specified via Eltex.EMS under super admin.
Adding a user
When the button "Add" is clicked, a dialog window for server address editing that contains a defined set of parameters appears. Fields marked with "*" are obligatory. An attempt to save an entry with obligatory fields that are not filled in or filled in incorrectly will be rejected. Problem fields will be highlighted red. When a mouse is over a field, a prompt is displayed.
Editing a user
When a checkbox on the left side of the table is checked for an entry, the button "Edit" is enabled. Click this button, and a dialog window for server address configuration will be opened. The window is described in the section "Adding a user".
Deleting a user
To delete an entry, check a checkbox in a corresponding row and click "Delete". Deleting several entries simultaneously is available.
Licensing
The number of users that can be logged in the Admin Panel and work with its WEB interface simultaneously is limited by licenses.
Administrative accounts ('admin','softwlc_service') are not included in the total number of logged in users when new accounts are created. However, they are included there when the number of simultaneous website visitors is calculated (when entering Admin Panel).
Licensing procedure and installation
A license file is not included into eltex-wifi-cab package by default. In this mode, a demo license for 5 users can be used to evaluate the system.
Eltex specialists will generate a personal license file and create a e-Token key in the acquisition of licenses.
E-Token should be connected to a server's USB interface. If a server operates on a virtual machine, the key should be forwarded to a virtual machine.
The license file should be put into the following directory:
/etc/eltex-wifi-cab/
After that, tomcat service should be restarted.
Checking a license
To check if licenses have been applied successfully, select "License" in the "Help" tab of GUI EMS. Information on the current license and the maximum number of users is available in the tab.