Arkady,
Did you try without the '*'? (i.e. use specific ips)
Ray
On Thu, 2023-02-23 at 23:48 -0800, Arkady Keppert wrote:
Notice: This message was sent from outside the University of Victoria email
system. Please be cautious with links and sensitive information.
If i leave only one ip addres everything is working fine. I did try before with
comma separated and the result is the same but when comma separated it wont
let me in even when i provide my ip addres.
2023-02-24 07:31:45,593 WARN [org.apereo.cas.util.function.FunctionUtils] -
<Failed to parse address127.0.0.1,10.xx.xx.*
IpAddressMatcher.java:parseAddress:96
IpAddressMatcher.java:<init>:58
CasWebSecurityConfigurerAdapter.java:lambda$configureEndpointAccessByIpAddress$10:297
>
2023-02-24 07:31:45,593 WARN
[org.apereo.cas.web.security.CasWebSecurityConfigurerAdapter] - <Provided
regular expression or IP/netmask [[127.0.0.1,10.xx.xx.*]] does not match
[10.xx.xx.7]>
Everything is working fine on version 6.5.9 with the same setting and ip
separated with | - like 127.0.0.1|10.xx.xx.*
czwartek, 23 lutego 2023 o 18:33:49 UTC+1 Ray Bon napisaĆ(a):
And see the link that Dimitry provided in this convo,
https://groups.google.com/a/apereo.org/g/cas-user/c/4cfgQCOhx14/m/Ko-LwxttBAAJ
Ray
On Thu, 2023-02-23 at 06:00 -0800, Arkady Keppert wrote:
Notice: This message was sent from outside the University of Victoria email
system. Please be cautious with links and sensitive information.
I'm getting errors while checking the status of cas:
2023-02-23 14:48:34,931 WARN [org.apereo.cas.util.function.FunctionUtils] -
<Failed to parse
address127.0.0.1|10.xx.xx.xx|10.xx.xx.xx|xxx.xxx.xxx.xx|10.xx.xx.*
IpAddressMatcher.java:parseAddress:96
IpAddressMatcher.java:<init>:58
CasWebSecurityConfigurerAdapter.java:lambda$configureEndpointAccessByIpAddress$10:297
my cas.properties looks like this :
cas.monitor.endpoints.endpoint.defaults.access=IP_ADDRESS
cas.monitor.endpoints.endpoint.defaults.required-ip-addresses=
127.0.0.1|10.xx.xx.xx|10.xx.xx.xx|10.xx.xx.*
cas.monitor.endpoints.endpoint.health.access[0]=IP_ADDRESS
cas.monitor.endpoints.endpoint.health.required-ip-addresses[0]=127.0.0.1|10.xx.xx.xx|10.xx.xx.xx|xxx.xxx.xxx.xx|10.xx.xx.*
cas.monitor.endpoints.endpoint.dashboard.access[0]=IP_ADDRESS
cas.monitor.endpoints.endpoint.dashboard.required-ip-addresses[0]=127.0.0.1|10.xx.xx.xx|10.xx.xx.xx|xxx.xxx.xxx.xx|10.xx.xx.*
# discoveryProfile used by cas-management, WORKS only by IP address access.
Restrict it.
cas.monitor.endpoints.endpoint.discoveryProfile.access[0]=IP_ADDRESS
cas.monitor.endpoints.endpoint.discoveryProfile.required-ip-addresses[0]=127.0.0.1|10.xx.xx.xx|10.xx.xx.xx|xxx.xxx.xxx.xx|10.xx.xx.*
cas version : 6.6.6
tomcat version : 9.0.71
Does anyone have similar problems or a solution
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/10cc749f66c98e86f11e971c83f3c43ca59a88f0.camel%40uvic.ca.
