David,


Along the same lines,



/cas/status says access denied.



Is a different file?





===========================

Thank You;

Chris Cheltenham
Technology Services
The School District of Philadelphia

Work # 215-400-5025
Cell # 215-301-6571

From: cas-user@apereo.org [mailto:cas-user@apereo.org] On Behalf Of David 
Curry
Sent: Friday, February 23, 2018 10:52 AM
To: cas-user@apereo.org
Subject: Re: [cas-user] CAS5 management



Admin pages is the /status/dashboard stuff (and all the things underneath). 
The access to that is controlled with a user.properties file as well.



The format is what I gave you in the earlier email. So for casuser, it would 
be



casuser=passwordnotused,ROLE_ADMIN



or equivalently,



casuser=empty,ROLE_ADMIN



I should note that the password field (the first field after the "=") is 
only "not used" if you're using CAS to authenticate access to the management 
webapp (which I assume you are).



--Dave






--

DAVID A. CURRY, CISSP
DIRECTOR OF INFORMATION SECURITY
INFORMATION TECHNOLOGY

71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
+1 212 229-5300 x4728 •  <mailto:david.cu...@newschool.edu> 
david.cu...@newschool.edu

  <http://www.newschool.edu/marketing-communication/img/tns-sig-logo.jpg>



On Fri, Feb 23, 2018 at 10:47 AM, Cheltenham, Chris 
<ccheltenham-...@philasd.org <mailto:ccheltenham-...@philasd.org> > wrote:

David,



I honestly don’t know what you mean.



What admin pages?



And how should this be formatted?



casuser=ROLE_ADMIN,enabled







===========================

Thank You;

Chris Cheltenham
Technology Services
The School District of Philadelphia

Work # 215-400-5025
Cell # 215-301-6571

From:  <mailto:cas-user@apereo.org> cas-user@apereo.org [mailto: 
<mailto:cas-user@apereo.org> cas-user@apereo.org] On Behalf Of David Curry
Sent: Friday, February 23, 2018 10:33 AM
To:  <mailto:cas-user@apereo.org> cas-user@apereo.org
Subject: Re: [cas-user] CAS5 management



Your users.properties file is not formatted correctly. It's the same format 
(and in fact can be the same file) as the one for the admin pages:



# The syntax for each line is:

#

# username=password,grantedAuthority[,grantedAuthority][,enabled|disabled]

#

gnarls=passwordnotused,ROLE_ADMIN



The above allows a user named "gnarls" to have access.



--Dave






--

DAVID A. CURRY, CISSP
DIRECTOR OF INFORMATION SECURITY
INFORMATION TECHNOLOGY

 
<https://maps.google.com/?q=71+FIFTH+AVE.,+9TH+FL.,+NEW+YORK,+NY+10003&entry=gmail&source=g>71
 FIFTH AVE., 9TH FL., NEW YORK, NY 10003+1 212 229-5300 x4728 •  
<mailto:david.cu...@newschool.edu>david.cu...@newschool.edu  
<http://www.newschool.edu/marketing-communication/img/tns-sig-logo.jpg>On Fri, 
Feb 23, 2018 at 10:28 AM, Cheltenham, Chris<ccheltenham-...@philasd.org 
<mailto:ccheltenham-...@philasd.org> > wrote:Hello Everyone,Still having 
problems with access denied on /cas-managementI turned on DEBUG and I see this 
in the logs.22T13:22:12.379-05:00[America/New_York], 
authenticationMethod=Employee-LDAP,successfulAuthenticationHandlers=Employee-LDAP,longTermAuthenticationRequestTokenUsed=false}
 | roles: [] | permissions: []| isRemembered: false | clientName: CasClient 
|linkedId: null |] does not contain the required role [ROLE_ADMIN]My 
users.properties files look thusly –     casuser=ROLE_ADMIN,<myid>and yes 
ROLE_ADMIN is stated in the management.properties file.     
cas.mgmt.adminRoles[0]=ROLE_ADMINThere is a Json file in /etc/cas/services or 
the users.properties file.That is stated in cas.properties   
cas.serviceRegistry.config.location=file:/etc/cas/servicesIs there a way to 
format the users. Properties file so anyone can use themanagement 
portal?===========================Thank You;Chris CheltenhamTechnology 
ServicesThe School District of PhiladelphiaWork # 215-400-5025Cell # 
215-301-6571--- Website: https://apereo.github.io/cas- Gitter Chatroom: 
https://gitter.im/apereo/cas- List Guidelines: https://goo.gl/1VRrw7- 
Contributions: https://goo.gl/mh7qDG---You received this message because you 
are subscribed to the Google Groups"CAS Community" group.To unsubscribe from 
this group and stop receiving emails from it, send anemail to 
cas-user+unsubscr...@apereo.org<mailto:cas-user+unsubscr...@apereo.org> .To 
view this discussion on the web 
visithttps://groups.google.com/a/apereo.org/d/msgid/cas-user/008301d3acba%24f0e4fe30%24d2aefa90%24%40philasd.org<https://groups.google.com/a/apereo.org/d/msgid/cas-user/008301d3acba%24f0e4fe30%24d2aefa90%24%40philasd.org?utm_medium=email&utm_source=footer>
 .--- Website: https://apereo.github.io/cas- Gitter Chatroom: 
https://gitter.im/apereo/cas- List Guidelines: https://goo.gl/1VRrw7- 
Contributions: https://goo.gl/mh7qDG---You received this message because you 
are subscribed to the Google Groups"CAS Community" group.To unsubscribe from 
this group and stop receiving emails from it, send anemail to 
cas-user+unsubscr...@apereo.org<mailto:cas-user+unsubscr...@apereo.org> .To 
view this discussion on the web 
visithttps://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2Bd9XAOZfm-azTX0TzCFs7AYmY2DkvNLF%2Bv82mJqicSZntatMA%40mail.gmail.com<https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2Bd9XAOZfm-azTX0TzCFs7AYmY2DkvNLF%2Bv82mJqicSZntatMA%40mail.gmail.com?utm_medium=email&utm_source=footer>
 .--- Website: https://apereo.github.io/cas- Gitter Chatroom: 
https://gitter.im/apereo/cas- List Guidelines: https://goo.gl/1VRrw7- 
Contributions: https://goo.gl/mh7qDG---You received this message because you 
are subscribed to the Google Groups"CAS Community" group.To unsubscribe from 
this group and stop receiving emails from it, send anemail to 
cas-user+unsubscr...@apereo.org<mailto:cas-user+unsubscr...@apereo.org> .To 
view this discussion on the web 
visithttps://groups.google.com/a/apereo.org/d/msgid/cas-user/00a301d3acbd%249552e2f0%24bff8a8d0%24%40philasd.org<https://groups.google.com/a/apereo.org/d/msgid/cas-user/00a301d3acbd%249552e2f0%24bff8a8d0%24%40philasd.org?utm_medium=email&utm_source=footer>
 .--- Website: https://apereo.github.io/cas- Gitter Chatroom: 
https://gitter.im/apereo/cas- List Guidelines: https://goo.gl/1VRrw7- 
Contributions: https://goo.gl/mh7qDG---You received this message because you 
are subscribed to the Google Groups"CAS Community" group.To unsubscribe from 
this group and stop receiving emails from it, send anemail to 
cas-user+unsubscr...@apereo.org<mailto:cas-user+unsubscr...@apereo.org> .To 
view this discussion on the web 
visithttps://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2Bd9XAORN6K6VTdPmUCz_RAtO6%2BsPXoib9gTtFVFMF6W0n5ONQ%40mail.gmail.com<https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2Bd9XAORN6K6VTdPmUCz_RAtO6%2BsPXoib9gTtFVFMF6W0n5ONQ%40mail.gmail.com?utm_medium=email&utm_source=footer>
 .

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/00ed01d3accc%246e1b38e0%244a51aaa0%24%40philasd.org.

Reply via email to