Hi David,
I can only have the / status /
now the dashboard and cas-management are giving error
"ERR_CONNECTION_REFUSED" I have the firewalld disabled and SELINUX tbm so I
have no problem with that.
I can not identify where the mistake is.
- cas-management.log is not registering anything.
- The admusers.properties file is with the 2 users below.
gnarls = passwordnotused, ROLE_ADMIN
carlos.alves = passwordnotused, ROLE_ADMIN
- The CASAdminDashboard-1517507674.json service is as described below.
"@class": "org.apereo.cas.services.RegexRegisteredService",
"serviceId": "^ https: //scna-cas.cna.org.br/cas/status/dashboard (\\ z
| /.*)",
"name": "CAS Admin Dashboard",
"id": 1517507674,
"description": "CAS dashboard and administrative endpoints",
"evaluationOrder": 5000
Em sexta-feira, 2 de fevereiro de 2018 11:30:27 UTC-2, David Curry escreveu:
>
> Carlos,
>
> The only mistake I see here is that on the second line, cas.server.prefix
> should be getting set to ${cas.server.name}/cas, not ${server.name}/cas.
>
> As for the adminPages configuration, based on what you've provided, you
> should be able to access
>
> http[s]://your.cas.server/cas/status
>
>
> from any IP address in 10.1.3.0/24 or from 10.1.0.10, or from 10.1.0.20.
> You should be able to do this using either a web browser or even just curl,
> without any further authentication required, and get a small plain-text
> page back that contains the server status, version, etc. The result should
> look something like this:
>
> % curl https://casdev.newschoool.edu/cas/status
>
> Health: OK
>
> 1.SessionMonitor: OK - 1 sessions. 0 service tickets.
>
> 2.MemoryMonitor: OK - 1452.29MB free (79.77%), 368.32MB used, 1820.61MB
> total.
>
> Host: casdev-srv01
> Server: https://casdev.newschool.edu
> Version: 5.2.2
>
>
> Does that part work? If so, move on to the next part. If not, set <Property
> name="cas.log.level" >*debug*</Property> near the top of log4j2.xml,
> restart the server, and check cas.log.
>
> If the above is working, then you should also be able to access
>
> http[s]://your.cas.server/cas/status/dashboard
>
>
> and have the CAS login page appear. Don't forget that in order for this to
> work, you need to create an entry in the service registry for the dashboard
> URL:
>
> "serviceId" : "^https://your.cas.server/cas/status/dashboard(\\z|/.*)",
>
>
>
> Does that part work? If so, move on to the next part. If not, it's
> probably a service registry problem.
>
> If the above is working, then you should authenticate to the CAS server as
> a user you've listed in admusers.properties. This file should have lines
> like
>
> username=passwordnotused,ROLE_ADMIN
>
>
> Where username is the user's LDAP user name (sAMAccountName in your
> setup). The user should use his/her LDAP password.
>
> Does that part work? If not, check the debug logs, or report back here
> with the error message(s) you're seeing.
>
> Good luck,
> --Dave
>
>
>
>
>
> --
>
> DAVID A. CURRY, CISSP
> *DIRECTOR OF INFORMATION SECURITY*
> INFORMATION TECHNOLOGY
>
> 71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
> +1 212 229-5300 x4728 • [email protected] <javascript:>
>
> [image: The New School]
>
> On Fri, Feb 2, 2018 at 7:54 AM, Carlos Eduardo Santos <
> [email protected] <javascript:>> wrote:
>
>> / status / dashborad - Page not found.
>> Hello everyone, I have been trying to configure the CAS server for a few
>> days (following all the information from "the new school"). The information
>> is very clear, but I could not access anything ahead of / status /.
>> To the status page I can visualize the dashboard, for example, nothing.
>> Below the configuration of cas.properties
>>
>> cas.server.name = http: // xxxxxxxxxxxxxx
>> cas.server.prefix = $ {server.name} / cas
>> cas.tgc.secure = true
>> cas.tgc.encryptionKey = DCETkZ33-A7TETvjgZ24J_o2xQkyQxc0FCFa725ubnY
>> cas.tgc.signingKey =
>> 8y-RtN0Ny3VF9DAkNQPvIeXXkHtTetFu9bEcG5G7F95ckmSdvE9ZdMSbVCRvBEmwJv_Bbr7wBIfsCrXdo-IytQ
>> cas.webflow.crypto.signing.key =
>> J4qjH74TlZY5Ic6GTnblZbwKN4Ye1mBuMEr-a3_DNpakNbmkX0LUmXGQ30oetbf8N_dNXsG_rdjWyXUOen1mEA
>> cas.webflow.crypto.encryption.key = dE1URfP5K6nvFtnUgBppQw ==
>> cas.authn.accept.users =
>> logging.config = file: /etc/cas/config/log4j2.xml
>> cas.serviceRegistry.config.location = file: / etc / cas / services
>> cas.authn.accept.users =
>> cas.authn.ldap [0] .order = 0
>> cas.authn.ldap [0] .name = Active Directory
>> cas.authn.ldap [0] .type = AUTHENTICATED
>> cas.authn.ldap [0] .ldapUrl = ldap: //10.1.0.48:389
>> cas.authn.ldap [0] .userFilter = sAMAccountName = {user}
>> cas.authn.ldap [0] .useSsl = false
>> cas.authn.ldap [0] .baseDn = OU = CNANET, DC = cna, DC = org, DC = br
>> cas.authn.ldap [0] .dnFormat = uid =% s, ou = people, dc = example, dc =
>> org
>> cas.authn.ldap [0] .subtreeSearch = true
>> cas.authn.ldap [0] .bindDn = cn = xxxxx, cn = Users, dc = xxx, dc = org,
>> dc = br
>> cas.authn.ldap [0] .bindCredential = xxxxxxx
>> cas.adminPagesSecurity.actuatorEndpointsEnabled = true
>> cas.monitor.endpoints.enabled = true
>> endpoints.enabled = true
>> cas.adminPagesSecurity.ip = ^ 10 \\. 1 \\. (3 \\. [0-9] {1,3} | 0 \\.
>> [12] 0) $
>> cas.monitor.endpoints.sensitive = false
>> endpoints.sensitive = false
>> cas.adminPagesSecurity.loginUrl = $ {cas.server.prefix} / login
>> cas.adminPagesSecurity.service = $ {cas.server.prefix} / status /
>> dashboard
>> cas.adminPagesSecurity.users = file: /etc/cas/config/admusers.properties
>> cas.adminPagesSecurity.adminRoles [0] = ROLE_ADMIN
>> ##############
>> I'm trying to free cas.adminPagesSecurity.ip for the 10.1.3.0/24
>> network. but I do not know if that's the right way.
>> I've tried to follow another topic that talks about it but without
>> success.
>> Please, can someone help me !!!
>> Thank you.
>>
>> --
>> - Website: https://apereo.github.io/cas
>> - Gitter Chatroom: https://gitter.im/apereo/cas
>> - List Guidelines: https://goo.gl/1VRrw7
>> - Contributions: https://goo.gl/mh7qDG
>> ---
>> You received this message because you are subscribed to the Google Groups
>> "CAS Community" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to [email protected] <javascript:>.
>> To view this discussion on the web visit
>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/aeed34f4-003b-45ed-9221-264c6f45ea04%40apereo.org
>>
>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/aeed34f4-003b-45ed-9221-264c6f45ea04%40apereo.org?utm_medium=email&utm_source=footer>
>> .
>>
>
>
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/a015990e-68d9-4477-992b-fc2d2c19040d%40apereo.org.
