...
Code Block |
---|
####################################### ## Configuration in ui ####################################### # allow configuration from ui # {valueType: "boolean", required: true} grouperUi.configuration.enabled=true # allow configuration only from these IP ranges, e.g. 1.2.3.4/32 or 2.3.4.5/24, comma separated, leave blank if available from everywhere # {valueType: "string", multiple: true} grouperUi.configurationEditor.sourceIpAddresses = 127.0.0.1/32 # if the source IP is set by apache or proxy or whatever # {valueType: "string", sampleValue: "X-FORWARDED-FOR"} grouperUi.reverseProxyForwardedForHeader = |
You can:
Disable UI configuration
Open up the source IP address to let a non localhost IP address
- List a reverse proxy header where IP address is retrieve from in the incoming HTTP request, e.g. X-FORWARDED-FOR
Note: you can set this in the database via GSHGSH example:
Code Block |
---|
GrouperSession grouperSession = GrouperSession.startRootSession(); edu.internet2.middleware.grouper.cfg.dbConfig.GrouperConfigHibernate grouperConfigHibernate = new edu.internet2.middleware.grouper.cfg.dbConfig.GrouperConfigHibernateGrouperDbConfig(); grouperConfigHibernate.setConfigEncrypted(false); grouperConfigHibernate.setConfigFileHierarchyDb("INSTITUTION"); grouperConfigHibernate.setConfigFileNameDb(".configFileName("grouper-ui.properties"); grouperConfigHibernate.setConfigKeypropertyName("grouperUi.configurationEditor.sourceIpAddresses"); grouperConfigHibernate.setConfigValuevalue("1.2.3.4/32"); grouperConfigHibernate.saveOrUpdatestore(); |
You can:
Disable UI configuration
Open up the source IP address to let a non localhost IP address
- List a reverse proxy header where IP address is retrieve from in the incoming HTTP request, e.g. X-FORWARDED-FOR
Note: you can set this in the database via GSH. See the GrouperShell wiki for more info
Debug source IP address configuration in log4j.properties
...