Include Page | ||||
---|---|---|---|---|
|
Table of Contents |
---|
You can see configuration in the UI in 2.4.0 patches: grouper_v2_4_0_api_patch_66, / grouper_v2_4_0_ui_patch_39, grouper_v2_4_0_ws_patch_7
...
You must be a sysadmin to view/edit
Quick start
Note: this requires all config files to be in the UI. So before importing, make sure the UI (and WS and loader) has a grouper-ws.properties and a grouper-loader.properties and grouper-ui.properties. Note those files can be blank.
configuration in grouper-ui-ng.base.properties
Code Block |
---|
####################################### ## Configuration in ui ####################################### # allow configuration from ui # {valueType: "boolean", required: true} grouperUi.configuration.enabled=true # allow configuration only from these IP ranges, e.g. 1.2.3.4/32 or 2.3.4.5/24, comma separated, leave blank if available from everywhere # {valueType: "string", multiple: true} grouperUi.configurationEditor.sourceIpAddresses = 127.0.0.1/32 # if the source IP is set by apache or proxy or whatever # {valueType: "string", sampleValue: "X-FORWARDED-FOR"} grouperUi.reverseProxyForwardedForHeader = |
You can:
Disable UI configuration
Open up the source IP address to let a non localhost IP address
- List a reverse proxy header where IP address is retrieve from in the incoming HTTP request, e.g. X-FORWARDED-FOR
Note: you can set this in the database via GSH
GSH example:
Code Block |
---|
|
Code Block |
GrouperSession grouperSession = GrouperSession.startRootSession(); edu.internet2.middleware.grouper.cfg.dbConfig.GrouperConfigHibernate grouperConfigHibernate = new edu.internet2.middleware.grouper.cfg.dbConfig.GrouperConfigHibernateGrouperDbConfig(); grouperConfigHibernate.setConfigEncrypted(false); grouperConfigHibernate.setConfigFileHierarchyDb("INSTITUTION"); grouperConfigHibernate.setConfigFileNameDb(".configFileName("grouper-ui.properties"); grouperConfigHibernate.setConfigKeypropertyName("grouperUi.configurationEditor.sourceIpAddresses"); grouperConfigHibernate.setConfigValuevalue("1.2.3.4/32"); grouperConfigHibernate.saveOrUpdatestore(); |
You can:
Disable UI configuration
Open up the source IP address to let a non localhost IP address
- List a reverse proxy header where IP address is retrieve from in the incoming HTTP request, e.g. X-FORWARDED-FOR
Note: you can set this in the database via GSH. See the GrouperShell wiki for more info
Debug source IP address configuration in log4j.properties
...