Does it take CIDR?
10.17.133.2/31,10.17.133.4/32
From: cas-user@apereo.org <cas-user@apereo.org> On Behalf Of Baron Fujimoto
Sent: Tuesday, March 7, 2023 10:14 PM
To: CAS Community <cas-user@apereo.org>
Subject: [EXTERNAL SENDER] Re: [cas-user] requiredIpAddresses specification?
Actually, I've belatedly discovered I'm also seeing warnings logged about being
unable to parse regular expressions for IP addresses in 6.6.5, I'm setting
something like the following:
cas.monitor.endpoints.endpoint.defaults.required-ip-addresses=127.0.0.1,
10.17.133.[234], ...
But the following is logged:
WARN [org.apereo.cas.util.function.FunctionUtils] - <Failed to parse
address10.17.133.[234]
IpAddressMatcher.java:parseAddress:96
IpAddressMatcher.java:<init>:58
CasWebSecurityConfigurerAdapter.java:lambda$configureEndpointAccessByIpAddress$10:297
How should IP addresses using regular expressions in the list be defined? I
expected "10.17.133.[234]" to represent "10.17.133.2, 10.17.133.3, 10.17.133.4"
On Thu, Feb 23, 2023 at 8:44 PM Arkady Keppert
<vtsun...@gmail.com<mailto:vtsun...@gmail.com>> wrote:
One i leave only one ip addres everything is working find. I did try before
with comma and the result is the same but comma it wont let me in even when i
provide my ip addres.
2023-02-24 07:31:45,593 WARN [org.apereo.cas.util.function.FunctionUtils] -
<Failed to parse address127.0.0.1,10.xx.xx.*
IpAddressMatcher.java:parseAddress:96
IpAddressMatcher.java:<init>:58
CasWebSecurityConfigurerAdapter.java:lambda$configureEndpointAccessByIpAddress$10:297
>
2023-02-24 07:31:45,593 WARN
[org.apereo.cas.web.security.CasWebSecurityConfigurerAdapter] - <Provided
regular expression or IP/netmask [[127.0.0.1,10.xx.xx.*]] does not match
[10.xx.xx.7]>
Everything is working find on version 6.5.9 with the same setting and ip
separated with | like 127.0.0.1|10.xx.xx.*
czwartek, 23 lutego 2023 o 18:16:28 UTC+1 baron napisał(a):
Ahh, there it is. Ok, thanks! I guess for now this is generally a pretty
indirect way to find the information (and at least for me, prone to error), and
as you noted can be hit or miss. :/
On Thu, Feb 23, 2023 at 5:41 AM Dmitriy Kopylenko
<dkopy...@unicon.net<mailto:dkopy...@unicon.net>> wrote:
This field:
https://github.com/apereo/cas/blob/master/api/cas-server-core-api-configuration-model/src/main/java/org/apereo/cas/configuration/model/core/monitor/ActuatorEndpointProperties.java#L44-L48
D.
On Feb 23, 2023 at 09:40:51, Baron Fujimoto
<ba...@hawaii.edu<mailto:ba...@hawaii.edu>> wrote:
I'm still not sure I'm looking in the right place then, because I also don't
see it in either of:
•
<https://github.com/apereo/cas/blob/master/api/cas-server-core-api-configuration-model/src/main/java/org/apereo/cas/configuration/model/core/monitor/ActuatorEndpointProperties.java>
•
<https://www.javadoc.io/doc/org.apereo.cas/cas-server-core-api-configuration-model/latest/org/apereo/cas/configuration/model/core/monitor/ActuatorEndpointProperties.EndpointAccessLevel.html>
Which I think are for the master branch?
On Thu, Feb 23, 2023 at 2:48 AM Dmitriy Kopylenko
<dkopy...@unicon.net<mailto:dkopy...@unicon.net>> wrote:
Hi Baron.
Ok, you are right, that comment is not available in the version that you are
dealing with. I was looking at the master branch, so it’s “hit or miss” :)
D.
On Thu, Feb 23, 2023 at 00:56 Baron Fujimoto
<ba...@hawaii.edu<mailto:ba...@hawaii.edu>> wrote:
Thanks, Dima. That `./gradlew exportConfigMetadata` task will be very handy
going forward.
My apologies for the probably dumb question, but where exactly does one find
those javadocs? I tried fumbling around what seemed like likely places for the
version I'm working with (6.6.5), such as:
•
<https://github.com/apereo/cas/blob/v6.6.5/api/cas-server-core-api-configuration-model/src/main/java/org/apereo/cas/configuration/model/core/monitor/ActuatorEndpointProperties.java>
•
<https://www.javadoc.io/doc/org.apereo.cas/cas-server-core-api-configuration-model/6.6.5/org/apereo/cas/configuration/model/core/monitor/ActuatorEndpointProperties.html>
But I don't see the comment you provided as an example.
On Wed, Feb 22, 2023 at 5:00 AM Dmitriy Kopylenko
<dkopy...@unicon.net<mailto:dkopy...@unicon.net>> wrote:
Hello.
There is a useful Gradle task available which would generate the properties
file containing ALL CAS’ properties along with documentation comments for each.
Then one could use search in that file to see what’s available. To run it,
simply execute ./gradlew exportConfigMetadata from the root of your overlay and
it will generate file named config-metadata.properties for your reference.
And then for example for the property in question it contains:
# Type: java.util.List<String>
# Module: cas-server-support-reports
# Owner:
org.apereo.cas.configuration.model.core.monitor.ActuatorEndpointProperties
#
# Required ip addresses.
#
# cas.monitor.endpoints.endpoint.[key].required-ip-addresses:
With owner configuration class documented
(org.apereo.cas.configuration.model.core.monitor.ActuatorEndpointProperties),
one could see the source of it and in particular the member field in question:
/**
* Required IP addresses. CIDR ranges are accepted.
*/
@RegularExpressionCapable
private List<String> requiredIpAddresses = new ArrayList<>(0);
where from the Javadoc comment it’s now clear that CIDR ranges are accepted in
its values.
HTH,
D.
On Feb 22, 2023 at 08:49:49, David Malia
<dma...@gmail.com<mailto:dma...@gmail.com>> wrote:
A CIDR range like 10.10.10.64/26<http://10.10.10.64/26> is acceptable in the
list. I got that answer by looking at the source. I remember reading there
is a way to have CAS Initilizer to list out the properties which I think listed
out any documentation on the properties. I could be remembering wrong, and I
don't remember the command, so maybe someone who knows more than me can chime
in. I don't think that property is listed in the current website
documentation, and I am happy to be wrong about that as well. This is an open
source project, and I have some extra time today, I can attempt to take a stab
at it. I'm sure it was an oversight when they updated the layout of the
documentation. I remember struggling with this with a recent upgrade we did
as well. I'll probably get some of it wrong, but the maintainers are pretty
good with their responses, and will correct my wrongness in the pull request
with helpful suggestions.
David
On Fri, Feb 17, 2023 at 10:15 AM Baron Fujimoto
<ba...@hawaii.edu<mailto:ba...@hawaii.edu>> wrote:
I find the CAS documentation increasingly difficult to use. It often seems
impossible to find something you're looking for unless you already know where
to look.
For example, I'm trying to find out how I can specify the value for a
requiredIpAddresses property. E.g.
"cas.monitor.endpoints.endpoint.defaults.requiredIpAddresses".
I know it can be a list, and each address can be specified with a regex, e.g.
"10.10.10.[123]", but can it take a range or CIDR address? Specifying something
like 10.10.10.64/26<http://10.10.10.64/26> gets kind of unwieldy and not as
understandable when trying to do it with a traditional regex.
Generally it's been super frustrating trying to find anything for
cas.properties. The search function seems particularly useless unless there's
some secret to it I'm missing.
--
Baron Fujimoto <ba...@hawaii.edu<mailto:ba...@hawaii.edu>> ::: UH Information
Technology Services
minutas cantorum, minutas balorum, minutas carboratum descendus pantorum
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+u...@apereo.org<mailto:cas-user+u...@apereo.org>.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAAjLUL2UdLk-NCGwE7r6NjMXNeLXyV-PvBEsU%3DG%3Dm6qdC%2Bps1Q%40mail.gmail.com<https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAAjLUL2UdLk-NCGwE7r6NjMXNeLXyV-PvBEsU%3DG%3Dm6qdC%2Bps1Q%40mail.gmail.com?utm_medium=email&utm_source=footer>.
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+u...@apereo.org<mailto:cas-user+u...@apereo.org>.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAL3JkE%2BpJeo44VfAXG0hU_iAtZnCa0f-WjK5H5VLFr6E8qf9bA%40mail.gmail.com<https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAL3JkE%2BpJeo44VfAXG0hU_iAtZnCa0f-WjK5H5VLFr6E8qf9bA%40mail.gmail.com?utm_medium=email&utm_source=footer>.
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+u...@apereo.org<mailto:cas-user+u...@apereo.org>.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAMpiYKjCmQGfajZarWtkL3GDzyigZV2OXNGWCy1Wg%2BsVS2HUcg%40mail.gmail.com<https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAMpiYKjCmQGfajZarWtkL3GDzyigZV2OXNGWCy1Wg%2BsVS2HUcg%40mail.gmail.com?utm_medium=email&utm_source=footer>.
--
Baron Fujimoto <ba...@hawaii.edu<mailto:ba...@hawaii.edu>> ::: UH Information
Technology Services
minutas cantorum, minutas balorum, minutas carboratum descendus pantorum
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+u...@apereo.org<mailto:cas-user+u...@apereo.org>.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAAjLUL0dmwg%3D0HryZAbAShiU%2BhNHbgzrtzVR3%2BAJ9H%2BR3UmyUA%40mail.gmail.com<https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAAjLUL0dmwg%3D0HryZAbAShiU%2BhNHbgzrtzVR3%2BAJ9H%2BR3UmyUA%40mail.gmail.com?utm_medium=email&utm_source=footer>.
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+u...@apereo.org<mailto:cas-user+u...@apereo.org>.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAMpiYKi85eKC9ohrGFPhq678xN%3Dq4bUvKmwnseO52BvjVZ9PZg%40mail.gmail.com<https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAMpiYKi85eKC9ohrGFPhq678xN%3Dq4bUvKmwnseO52BvjVZ9PZg%40mail.gmail.com?utm_medium=email&utm_source=footer>.
--
Baron Fujimoto <ba...@hawaii.edu<mailto:ba...@hawaii.edu>> ::: UH Information
Technology Services
minutas cantorum, minutas balorum, minutas carboratum descendus pantorum
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+u...@apereo.org<mailto:cas-user+u...@apereo.org>.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAAjLUL1_rhK9aO_6jkeGJ6pdON1yjCZZRB6DRN%2Bixymd4pTcwA%40mail.gmail.com<https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAAjLUL1_rhK9aO_6jkeGJ6pdON1yjCZZRB6DRN%2Bixymd4pTcwA%40mail.gmail.com?utm_medium=email&utm_source=footer>.
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+u...@apereo.org<mailto:cas-user+u...@apereo.org>.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAMpiYKiYVkb7wnkBmUti-1n%3DGE9QNFiMXzOY-SFcre3DNpB%2B7A%40mail.gmail.com<https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAMpiYKiYVkb7wnkBmUti-1n%3DGE9QNFiMXzOY-SFcre3DNpB%2B7A%40mail.gmail.com?utm_medium=email&utm_source=footer>.
--
Baron Fujimoto <ba...@hawaii.edu<mailto:ba...@hawaii.edu>> ::: UH Information
Technology Services
minutas cantorum, minutas balorum, minutas carboratum descendus pantorum
--
Baron Fujimoto <ba...@hawaii.edu<mailto:ba...@hawaii.edu>> ::: UH Information
Technology Services
minutas cantorum, minutas balorum, minutas carboratum descendus pantorum
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org<mailto:cas-user+unsubscr...@apereo.org>.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAAjLUL3edxZPY70%3DrvkG34hMJxrLSHk12TSxcjtoz9c_DoDEbw%40mail.gmail.com<https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAAjLUL3edxZPY70%3DrvkG34hMJxrLSHk12TSxcjtoz9c_DoDEbw%40mail.gmail.com?utm_medium=email&utm_source=footer>.
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/7840f86ac5114a8880298cddc059c522%40mun.ca.
