Hi David,
I can only have the / status /
now the dashboard and cas-management are giving error
"ERR_CONNECTION_REFUSED" I have the firewalld disabled and SELINUX tbm so I
have no problem with that.
I can not identify where the mistake is.
- cas-management.log is not registering anything.
- The admusers.properties file is with the 2 users below.
gnarls = passwordnotused, ROLE_ADMIN
carlos.alves = passwordnotused, ROLE_ADMIN
- The CASAdminDashboard-1517507674.json service is as described below.
"@class": "org.apereo.cas.services.RegexRegisteredService",
"serviceId": "^ https: //scna-cas.cna.org.br/cas/status/dashboard (\\ z
| /.*)",
"name": "CAS Admin Dashboard",
"id": 1517507674,
"description": "CAS dashboard and administrative endpoints",
"evaluationOrder": 5000
Em sexta-feira, 2 de fevereiro de 2018 11:30:27 UTC-2, David Curry escreveu:
>
> Carlos,
>
> The only mistake I see here is that on the second line, cas.server.prefix
> should be getting set to ${cas.server.name}/cas, not ${server.name}/cas.
>
> As for the adminPages configuration, based on what you've provided, you
> should be able to access
>
> http[s]://your.cas.server/cas/status
>
>
> from any IP address in 10.1.3.0/24 or from 10.1.0.10, or from 10.1.0.20.
> You should be able to do this using either a web browser or even just curl,
> without any further authentication required, and get a small plain-text
> page back that contains the server status, version, etc. The result should
> look something like this:
>
> % curl https://casdev.newschoool.edu/cas/status
>
> Health: OK
>
> 1.SessionMonitor: OK - 1 sessions. 0 service tickets.
>
> 2.MemoryMonitor: OK - 1452.29MB free (79.77%), 368.32MB used, 1820.61MB
> total.
>
> Host: casdev-srv01
> Server: https://casdev.newschool.edu
> Version: 5.2.2
>
>
> Does that part work? If so, move on to the next part. If not, set <Property
> name="cas.log.level" >*debug*</Property> near the top of log4j2.xml,
> restart the server, and check cas.log.
>
> If the above is working, then you should also be able to access
>
> http[s]://your.cas.server/cas/status/dashboard
>
>
> and have the CAS login page appear. Don't forget that in order for this to
> work, you need to create an entry in the service registry for the dashboard
> URL:
>
> "serviceId" : "^https://your.cas.server/cas/status/dashboard(\\z|/.*)",
>
>
>
> Does that part work? If so, move on to the next part. If not, it's
> probably a service registry problem.
>
> If the above is working, then you should authenticate to the CAS server as
> a user you've listed in admusers.properties. This file should have lines
> like
>
> username=passwordnotused,ROLE_ADMIN
>
>
> Where username is the user's LDAP user name (sAMAccountName in your
> setup). The user should use his/her LDAP password.
>
> Does that part work? If not, check the debug logs, or report back here
> with the error message(s) you're seeing.
>
> Good luck,
> --Dave
>
>
>
>
>
> --
>
> DAVID A. CURRY, CISSP
> *DIRECTOR OF INFORMATION SECURITY*
> INFORMATION TECHNOLOGY
>
> 71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
> +1 212 229-5300 x4728 • david.cu...@newschool.edu <javascript:>
>
> [image: The New School]
>
> On Fri, Feb 2, 2018 at 7:54 AM, Carlos Eduardo Santos <
> carlos....@gmail.com <javascript:>> wrote:
>
>> / status / dashborad - Page not found.
>> Hello everyone, I have been trying to configure the CAS server for a few
>> days (following all the information from "the new school"). The information
>> is very clear, but I could not access anything ahead of / status /.
>> To the status page I can visualize the dashboard, for example, nothing.
>> Below the configuration of cas.properties
>>
>> cas.server.name = http: // xxxxxxxxxxxxxx
>> cas.server.prefix = $ {server.name} / cas
>> cas.tgc.secure = true
>> cas.tgc.encryptionKey = DCETkZ33-A7TETvjgZ24J_o2xQkyQxc0FCFa725ubnY
>> cas.tgc.signingKey =
>> 8y-RtN0Ny3VF9DAkNQPvIeXXkHtTetFu9bEcG5G7F95ckmSdvE9ZdMSbVCRvBEmwJv_Bbr7wBIfsCrXdo-IytQ
>> cas.webflow.crypto.signing.key =
>> J4qjH74TlZY5Ic6GTnblZbwKN4Ye1mBuMEr-a3_DNpakNbmkX0LUmXGQ30oetbf8N_dNXsG_rdjWyXUOen1mEA
>> cas.webflow.crypto.encryption.key = dE1URfP5K6nvFtnUgBppQw ==
>> cas.authn.accept.users =
>> logging.config = file: /etc/cas/config/log4j2.xml
>> cas.serviceRegistry.config.location = file: / etc / cas / services
>> cas.authn.accept.users =
>> cas.authn.ldap [0] .order = 0
>> cas.authn.ldap [0] .name = Active Directory
>> cas.authn.ldap [0] .type = AUTHENTICATED
>> cas.authn.ldap [0] .ldapUrl = ldap: //10.1.0.48:389
>> cas.authn.ldap [0] .userFilter = sAMAccountName = {user}
>> cas.authn.ldap [0] .useSsl = false
>> cas.authn.ldap [0] .baseDn = OU = CNANET, DC = cna, DC = org, DC = br
>> cas.authn.ldap [0] .dnFormat = uid =% s, ou = people, dc = example, dc =
>> org
>> cas.authn.ldap [0] .subtreeSearch = true
>> cas.authn.ldap [0] .bindDn = cn = xxxxx, cn = Users, dc = xxx, dc = org,
>> dc = br
>> cas.authn.ldap [0] .bindCredential = xxxxxxx
>> cas.adminPagesSecurity.actuatorEndpointsEnabled = true
>> cas.monitor.endpoints.enabled = true
>> endpoints.enabled = true
>> cas.adminPagesSecurity.ip = ^ 10 \\. 1 \\. (3 \\. [0-9] {1,3} | 0 \\.
>> [12] 0) $
>> cas.monitor.endpoints.sensitive = false
>> endpoints.sensitive = false
>> cas.adminPagesSecurity.loginUrl = $ {cas.server.prefix} / login
>> cas.adminPagesSecurity.service = $ {cas.server.prefix} / status /
>> dashboard
>> cas.adminPagesSecurity.users = file: /etc/cas/config/admusers.properties
>> cas.adminPagesSecurity.adminRoles [0] = ROLE_ADMIN
>> ##############
>> I'm trying to free cas.adminPagesSecurity.ip for the 10.1.3.0/24
>> network. but I do not know if that's the right way.
>> I've tried to follow another topic that talks about it but without
>> success.
>> Please, can someone help me !!!
>> Thank you.
>>
>> --
>> - Website: https://apereo.github.io/cas
>> - Gitter Chatroom: https://gitter.im/apereo/cas
>> - List Guidelines: https://goo.gl/1VRrw7
>> - Contributions: https://goo.gl/mh7qDG
>> ---
>> You received this message because you are subscribed to the Google Groups
>> "CAS Community" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to cas-user+u...@apereo.org <javascript:>.
>> To view this discussion on the web visit
>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/aeed34f4-003b-45ed-9221-264c6f45ea04%40apereo.org
>>
>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/aeed34f4-003b-45ed-9221-264c6f45ea04%40apereo.org?utm_medium=email&utm_source=footer>
>> .
>>
>
>
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/a015990e-68d9-4477-992b-fc2d2c19040d%40apereo.org.
