Versions Compared

Old Version 39

changes.mady.by.user Chris Hyzer (upenn.edu)

Saved on

compared with

New Version Current

changes.mady.by.user ben.rappleyea.2@at.internet2.edu

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Include Page
spaceKeyGrouper
pageTitleNavigation


Children Display

In a patch to Grouper 2.4, and in Grouper 2.5+, Grouper allows configuration Grouper allows configuration, which is normally in in  config files, to be stored in the database.  This is the preferred approach because:

  • Configuration in the database makes the configuration consistent in an environment (otherwise the config files need to be kept in sync for the UI servers, WS servers, daemons, and GSH). 
  • Editing  the configuration in the UI prevents configuration problems and helps users to configure Grouper easier and more reliably.

...

  • It allows the administrator to revert the configuration if needed

How it works

In the hierarchy section of the config file will be an option to use the database

...

  1. grouper.properties
  2. grouper-loader.properties
  3. subject.properties
  4. grouper.client.properties (if there is a grouper.hibernate.properties in the classpath)
  5. grouper.cache.properties

  6. grouper-ui.

    hibernate.properties (note, the database connection information needs to be in the config file of course, since that database holds the configuration and it needs to be able to connect)

    properties

  7. grouper-wsgrouper-ui.properties

  8. grouper-ws.text.en.us.properties (2.5.30+)

Edit the configuration in the UI

...

  • The source IP address will need to configured or disabled in grouper-ui.properties

    Code Block
    # The configuration editor in grouper is very sensitive.  If you can only allow certain source IP addresses 
# it will add another layer of security.  Otherwise allow 0.0.0.0/0 and all will be allowed
# If this configuration item is not filled in, then none are allowed
# you can configure multiple CIDR addresses or networks comma separated, e.g. 1.2.3.4/32, 2.3.4.5/24
grouperUi.configurationEditor.sourceIpAddresses =



Or put this SQL in the database

Code Block
INSERT INTO grouper_config (id,config_file_name,config_key,config_value,config_comment,config_file_hierarchy,config_encrypted,config_sequence,config_version_index,last_updated,hibernate_version_number,config_value_clob,config_value_bytes) VALUES 
('b0fd9db204ae4d07af881ee7b178f45c','grouper-ui.properties','grouperUi.configurationEditor.sourceIpAddresses','0.0.0.0/0',NULL,'INSTITUTION','F',0,0,1604150796687,1,NULL,9);
commit;


The UI uses The UI uses comments in the config file to describe the configuration, and will also use configuration metadata (described below)

...

You can import from a consolidated export from the filesystem.

Export the config (v2.5.34+)

Image Added

Config history (v2.5.34+)

Image Added

Configuration metadata

...