Versions Compared

Old Version 9

changes.mady.by.user Chris Hyzer (upenn.edu)

Saved on

compared with

New Version Current

changes.mady.by.user Chris Hyzer (upenn.edu)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Include Page
spaceKeyGrouper
pageTitleNavigation

Table of Contents

You can see configuration in the UI in 2.4.0 patches: grouper_v2_4_0_api_patch_66,  / grouper_v2_4_0_ui_patch_39, grouper_v2_4_0_ws_patch_7

...

You must be a sysadmin to view/edit

Quick start

Note: this requires all config files to be in the UI.  So before importing, make sure the UI (and WS and loader) has a grouper-ws.properties and a grouper-loader.properties and grouper-ui.properties.  Note those files can be blank.


configuration in grouper-ui-ng.base.properties

Code Block
#######################################
## Configuration in ui
#######################################

# allow configuration from ui
# {valueType: "boolean", required: true}
grouperUi.configuration.enabled=true

# allow configuration only from these IP ranges, e.g. 1.2.3.4/32 or 2.3.4.5/24, comma separated, leave blank if available from everywhere
# {valueType: "string", multiple: true}
grouperUi.configurationEditor.sourceIpAddresses = 127.0.0.1/32

# if the source IP is set by apache or proxy or whatever
# {valueType: "string", sampleValue: "X-FORWARDED-FOR"}
grouperUi.reverseProxyForwardedForHeader =

You can:

  1. Disable UI configuration

  2. Open up the source IP address to let a non localhost IP address

  3. List a reverse proxy header where IP address is retrieve from in the incoming HTTP request, e.g. X-FORWARDED-FOR

Note: you can set this in the database via GSH

GSH example:

Code Block
Code Block
GrouperSession grouperSession = GrouperSession.startRootSession();
edu.internet2.middleware.grouper.cfg.dbConfig.GrouperConfigHibernate grouperConfigHibernate = new edu.internet2.middleware.grouper.cfg.dbConfig.GrouperConfigHibernateGrouperDbConfig();
grouperConfigHibernate.setConfigEncrypted(false);
grouperConfigHibernate.setConfigFileHierarchyDb("INSTITUTION");
grouperConfigHibernate.setConfigFileNameDb(".configFileName("grouper-ui.properties");
grouperConfigHibernate.setConfigKeypropertyName("grouperUi.configurationEditor.sourceIpAddresses");
grouperConfigHibernate.setConfigValuevalue("1.2.3.4/32");
grouperConfigHibernate.saveOrUpdatestore();


You can:

  1. Disable UI configuration

  2. Open up the source IP address to let a non localhost IP address

  3. List a reverse proxy header where IP address is retrieve from in the incoming HTTP request, e.g. X-FORWARDED-FOR


Note: you can set this in the database via GSH.  See the GrouperShell wiki for more info


Debug source IP address configuration in log4j.properties

...