When the dashboard is to be accessed externally it is advisable to encrypt the URL. The encrypted URL can then be set to expire after a pre-determined period of time.
The URL will be encrypted using a GUID that is generated on installation so is unique to each dashboard server, the GUID can be found in the dashboard.config file. If required this GUID can be replaced by a custom string or GUID of your choosing.
The Expiry in the above line is the number of seconds that the encrypted query string will be valid for.
In order to encrypt the query string the code below should be added to the calling application to generate the encrypted query string
public static string Encrypt(string strToEncrypt, string strKey)
{
strToEncrypt = String.Format("{0}{1}{2}", strToEncrypt, (!String.IsNullOrEmpty(strToEncrypt) ? "&" : String.Empty), "starttime=" + DateTime.Now.ToString("yyyyMMddHHmmss"));
TripleDESCryptoServiceProvider objDESCrypto = new TripleDESCryptoServiceProvider() { Mode = CipherMode.ECB };
byte[] byteHash = (new MD5CryptoServiceProvider()).ComputeHash(ASCIIEncoding.ASCII.GetBytes(strKey));
objDESCrypto.Key = byteHash;
byte[] byteBuff = ASCIIEncoding.ASCII.GetBytes(strToEncrypt);
return Convert.ToBase64String(objDESCrypto.CreateEncryptor().TransformFinalBlock(byteBuff, 0, byteBuff.Length)).Replace("+","_");
}
It should be called in the following way:-
string encryptedURL = Encrypt("dashids=1&HideHeader=true&HideMenu=true", "D538C3D7-F9E0-496B-ADFD-4BB38799FC9E");
where the 2nd parameter is the encryption value found in the dashboard.config file. You can then launch the dashboard by using the URL:-
http://xxx/dashboard.html?encr={encrypedURL}