Include Page | ||||
---|---|---|---|---|
|
Children Display |
---|
In a patch to Grouper 2.4, and in Grouper 2.5+, Grouper allows configuration Grouper allows configuration, which is normally in in config files, to be stored in the database. This is the preferred approach because:
- Configuration in the database makes the configuration consistent in an environment (otherwise the config files need to be kept in sync for the UI servers, WS servers, daemons, and GSH).
- Editing the configuration in the UI prevents configuration problems and helps users to configure Grouper easier and more reliably.
...
- It allows the administrator to revert the configuration if needed
How it works
In the hierarchy section of the config file will be an option to use the database
...
The source IP address will need to configured or disabled in grouper-ui.properties
Code Block # The configuration editor in grouper is very sensitive. If you can only allow certain source IP addresses # it will add another layer of security. Otherwise allow 0.0.0.0/0 and all will be allowed # If this configuration item is not filled in, then none are allowed # you can configure multiple CIDR addresses or networks comma separated, e.g. 1.2.3.4/32, 2.3.4.5/24 grouperUi.configurationEditor.sourceIpAddresses =
Or put this SQL in the database
Code Block |
---|
INSERT INTO grouper_config (id,config_file_name,config_key,config_value,config_comment,config_file_hierarchy,config_encrypted,config_sequence,config_version_index,last_updated,hibernate_version_number,config_value_clob,config_value_bytes) VALUES
('b0fd9db204ae4d07af881ee7b178f45c','grouper-ui.properties','grouperUi.configurationEditor.sourceIpAddresses','0.0.0.0/0',NULL,'INSTITUTION','F',0,0,1604150796687,1,NULL,9);
commit;
|
The UI uses comments in the config file to describe the configuration, and will also use configuration metadata (described below)
...