Carlos,

The only mistake I see here is that on the second line, cas.server.prefix
should be getting set to ${cas.server.name}/cas, not ${server.name}/cas.

As for the adminPages configuration, based on what you've provided, you
should be able to access

http[s]://your.cas.server/cas/status


from any IP address in 10.1.3.0/24 or from 10.1.0.10, or from 10.1.0.20.
You should be able to do this using either a web browser or even just curl,
without any further authentication required, and get a small plain-text
page back that contains the server status, version, etc. The result should
look something like this:

% curl https://casdev.newschoool.edu/cas/status

Health: OK

1.SessionMonitor: OK - 1 sessions. 0 service tickets.

2.MemoryMonitor: OK - 1452.29MB free (79.77%), 368.32MB used, 1820.61MB
total.

Host: casdev-srv01
Server: https://casdev.newschool.edu
Version: 5.2.2


Does that part work? If so, move on to the next part. If not, set <Property
name="cas.log.level" >*debug*</Property> near the top of log4j2.xml,
restart the server, and check cas.log.

If the above is working, then you should also be able to access

http[s]://your.cas.server/cas/status/dashboard


and have the CAS login page appear. Don't forget that in order for this to
work, you need to create an entry in the service registry for the dashboard
URL:

"serviceId" : "^https://your.cas.server/cas/status/dashboard(\\z|/.*)",



Does that part work? If so, move on to the next part. If not, it's probably
a service registry problem.

If the above is working, then you should authenticate to the CAS server as
a user you've listed in admusers.properties. This file should have lines
like

username=passwordnotused,ROLE_ADMIN


Where username is the user's LDAP user name (sAMAccountName in your setup).
The user should use his/her LDAP password.

Does that part work? If not, check the debug logs, or report back here with
the error message(s) you're seeing.

Good luck,
--Dave





--

DAVID A. CURRY, CISSP
*DIRECTOR OF INFORMATION SECURITY*
INFORMATION TECHNOLOGY

71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
+1 212 229-5300 x4728 • david.cu...@newschool.edu

[image: The New School]

On Fri, Feb 2, 2018 at 7:54 AM, Carlos Eduardo Santos <
carlos.santo...@gmail.com> wrote:

> / status / dashborad - Page not found.
> Hello everyone, I have been trying to configure the CAS server for a few
> days (following all the information from "the new school"). The information
> is very clear, but I could not access anything ahead of / status /.
> To the status page I can visualize the dashboard, for example, nothing.
> Below the configuration of cas.properties
>
> cas.server.name = http: // xxxxxxxxxxxxxx
> cas.server.prefix = $ {server.name} / cas
> cas.tgc.secure = true
> cas.tgc.encryptionKey = DCETkZ33-A7TETvjgZ24J_o2xQkyQxc0FCFa725ubnY
> cas.tgc.signingKey = 8y-RtN0Ny3VF9DAkNQPvIeXXkHtTetFu9
> bEcG5G7F95ckmSdvE9ZdMSbVCRvBEmwJv_Bbr7wBIfsCrXdo-IytQ
> cas.webflow.crypto.signing.key = J4qjH74TlZY5Ic6GTnblZbwKN4Ye1mBuMEr-a3_
> DNpakNbmkX0LUmXGQ30oetbf8N_dNXsG_rdjWyXUOen1mEA
> cas.webflow.crypto.encryption.key = dE1URfP5K6nvFtnUgBppQw ==
> cas.authn.accept.users =
> logging.config = file: /etc/cas/config/log4j2.xml
> cas.serviceRegistry.config.location = file: / etc / cas / services
> cas.authn.accept.users =
> cas.authn.ldap [0] .order = 0
> cas.authn.ldap [0] .name = Active Directory
> cas.authn.ldap [0] .type = AUTHENTICATED
> cas.authn.ldap [0] .ldapUrl = ldap: //10.1.0.48:389
> cas.authn.ldap [0] .userFilter = sAMAccountName = {user}
> cas.authn.ldap [0] .useSsl = false
> cas.authn.ldap [0] .baseDn = OU = CNANET, DC = cna, DC = org, DC = br
> cas.authn.ldap [0] .dnFormat = uid =% s, ou = people, dc = example, dc =
> org
> cas.authn.ldap [0] .subtreeSearch = true
> cas.authn.ldap [0] .bindDn = cn = xxxxx, cn = Users, dc = xxx, dc = org,
> dc = br
> cas.authn.ldap [0] .bindCredential = xxxxxxx
> cas.adminPagesSecurity.actuatorEndpointsEnabled = true
> cas.monitor.endpoints.enabled = true
> endpoints.enabled = true
> cas.adminPagesSecurity.ip = ^ 10 \\. 1 \\. (3 \\. [0-9] {1,3} | 0 \\. [12]
> 0) $
> cas.monitor.endpoints.sensitive = false
> endpoints.sensitive = false
> cas.adminPagesSecurity.loginUrl = $ {cas.server.prefix} / login
> cas.adminPagesSecurity.service = $ {cas.server.prefix} / status / dashboard
> cas.adminPagesSecurity.users = file: /etc/cas/config/admusers.properties
> cas.adminPagesSecurity.adminRoles [0] = ROLE_ADMIN
> ##############
> I'm trying to free cas.adminPagesSecurity.ip for the 10.1.3.0/24 network.
> but I do not know if that's the right way.
> I've tried to follow another topic that talks about it but without success.
> Please, can someone help me !!!
> Thank you.
>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit https://groups.google.com/a/
> apereo.org/d/msgid/cas-user/aeed34f4-003b-45ed-9221-
> 264c6f45ea04%40apereo.org
> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/aeed34f4-003b-45ed-9221-264c6f45ea04%40apereo.org?utm_medium=email&utm_source=footer>
> .
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2Bd9XANfPjpsPNa00J_Tnuk97VGqr1J7O_hvyq68J5GX%3DBOxMg%40mail.gmail.com.

Reply via email to