Core Impact WebUI

Beginning with version 20.1 Core Impact ships a browser interface—Core Impact WebUI. This browser UI has many, but not all, of Core Impact's features along with the same look and feel as the desktop UI.

Authentication

Once installed and configured (below) the Impact WebUI is accessed with the url:
https://server_name;8883/dashboard (where server_name is a server or IP).

A login screen is displayed.

Here you can login to the Impact WebUI with local users of the host where Impact is installed.

Installing

When you install Impact, the Impact WebUI is also installed, but not enabled by default. In order to run the web server that hosts this application, run the mpt_server.exe file, located in C:\Program Files (x86)\Core Security\Impact\bin.

Listener ports for the webserver are set by default to port 8883 and port 8888.

This can be changed by issuing the following command at a command prompt:

mpt_server.exe --port 7777 --redirect-port 6666

where:

--port configures the https port (default 8883)

--redirect-port configures the http port (default 8888)

SSL Configuration

The Impact WebUI server is installed with self-signed certificates by default. This self-signed certificates are for testing purposes only and is not recommended to get access to the Impact WebUI from outside of localhost with them. In order to configure custom ssl certificates for the Impact WebUI server, execute the following command:

mpt_server.exe --setup-ssl-configuration --ssl-cert <SERVER_CERTIFICATE_PATH> --ssl-key <SERVER_PRIVATE_KEY_PATH> --ssl-key-password <PRIVATE_KEY_PASSPHRASE (optional)>

This command must be executed only once. After that, the Impact WebUI server will be configured to use this ssl configuration instead of the default one.

IMPORTANT:

Server Certificate and Server Private Key files must exists at the moment of running the MPT server. The Private Key passphrase is encrypted with the user logon credentials, so it can be decrypted by anyone who has access to the WebUI ssl configuration with the same user.

Session

The current version of the Impact WebUI supports only one active session at a time. If there is an active session and someone else tries to log into the WebUI (with the same user or any other user credentials), it will be redirected to the following page:

If the customer presses 'Accept' access is granted to the Impact WebUI Dashboard and the other user will be logged out automatically.

Additionally, session expiration time is set to 10 minutes. So, after 10 minutes of inactivity in the Impact WebUI, the user will be automatically logged out. Login/Logout does not stop modules. Impact module execution is independent of the WebUI. So, module keeps running if the user logs out, closes the web browser or even if the WebUI server is stopped.

Copyright © Fortra, LLC and its group of companies.
All trademarks and registered trademarks are the property of their respective owners.
21 | 202309280831 | September 2023