Re: [cas-user] cas admin pages from every IP?

2018-05-15 Thread Jennifer LaVoie 
Thanks again

what type of pizza do you eat?

On Tue, May 15, 2018 at 4:02 PM, David Curry 
wrote:

> You need to set  cas.adminPagesSecurity.ip to a regular expression that
> matches the IPs you want to let in.
>
> To allow all of 10.28.51 in, you'd have something like this:
>
> cas.adminPagesSecurity.ip:  ^10\\.28\\.51\\.[0-9]{1,3}$
>
> I have something like this:
>
> cas.adminPagesSecurity.ip:  ^192\\.168\\.(50\\.[0-9]{1,3}|
> 1\\.[12]0)$
>
> which allows the entire 192.168.50 subnet, as well as 192.168.1.10 and
> 192.168.1.20 (the load balancers).
>
> You can use the entire regexp syntax in there, so you can go crazy. :-)
>
> You might find this helpful to make sure you get what you want:
> https://www.freeformatter.com/java-regex-tester.html
>
>
>
> --
>
> DAVID A. CURRY, CISSP
> *DIRECTOR OF INFORMATION SECURITY*
> INFORMATION TECHNOLOGY
>
> 71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
> 
> +1 212 229-5300 x4728 • david.cu...@newschool.edu
>
> [image: The New School]
>
> On Tue, May 15, 2018 at 3:54 PM, Jennifer LaVoie 
> wrote:
>
>> I want to be able to hit the admin page from any host...is there a way to
>> do that in the /etc/cas/config/cas.properties file?  I tried leaving the
>> entry blank, but no luck
>>
>> my subnet is 10.28.51 so I at least need that so all my sys admins can
>> log in.
>>
>> thanks
>> Jen
>>
>> --
>> - Website: https://apereo.github.io/cas
>> - Gitter Chatroom: https://gitter.im/apereo/cas
>> - List Guidelines: https://goo.gl/1VRrw7
>> - Contributions: https://goo.gl/mh7qDG
>> ---
>> You received this message because you are subscribed to the Google Groups
>> "CAS Community" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to cas-user+unsubscr...@apereo.org.
>> To view this discussion on the web visit https://groups.google.com/a/ap
>> ereo.org/d/msgid/cas-user/1323debf-0538-47b1-a9b0-15bed457ab
>> b1%40apereo.org
>> 
>> .
>>
>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit https://groups.google.com/a/
> apereo.org/d/msgid/cas-user/CA%2Bd9XAPkHzFox7gPE73i8O75doQYWQ
> dJJikYJE54rT_J18D%2BFw%40mail.gmail.com
> 
> .
>



-- 
"Confusion is a word we have invented for an order which is not
understood."  ~Henry Miller

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2Bwv1vFuVMSo4moLuz4ErRbaEWPMHs1WhzKk-WrqJy4RpGHp9A%40mail.gmail.com.

Re: [cas-user] cas admin pages from every IP?

2018-05-15 Thread David Curry 
You need to set  cas.adminPagesSecurity.ip to a regular expression that
matches the IPs you want to let in.

To allow all of 10.28.51 in, you'd have something like this:

cas.adminPagesSecurity.ip:  ^10\\.28\\.51\\.[0-9]{1,3}$

I have something like this:

cas.adminPagesSecurity.ip:
^192\\.168\\.(50\\.[0-9]{1,3}|1\\.[12]0)$

which allows the entire 192.168.50 subnet, as well as 192.168.1.10 and
192.168.1.20 (the load balancers).

You can use the entire regexp syntax in there, so you can go crazy. :-)

You might find this helpful to make sure you get what you want:
https://www.freeformatter.com/java-regex-tester.html



--

DAVID A. CURRY, CISSP
*DIRECTOR OF INFORMATION SECURITY*
INFORMATION TECHNOLOGY

71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
+1 212 229-5300 x4728 • david.cu...@newschool.edu

[image: The New School]

On Tue, May 15, 2018 at 3:54 PM, Jennifer LaVoie 
wrote:

> I want to be able to hit the admin page from any host...is there a way to
> do that in the /etc/cas/config/cas.properties file?  I tried leaving the
> entry blank, but no luck
>
> my subnet is 10.28.51 so I at least need that so all my sys admins can log
> in.
>
> thanks
> Jen
>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit https://groups.google.com/a/
> apereo.org/d/msgid/cas-user/1323debf-0538-47b1-a9b0-
> 15bed457abb1%40apereo.org
> 
> .
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2Bd9XAPkHzFox7gPE73i8O75doQYWQdJJikYJE54rT_J18D%2BFw%40mail.gmail.com.

[cas-user] cas admin pages from every IP?

2018-05-15 Thread Jennifer LaVoie 
I want to be able to hit the admin page from any host...is there a way to 
do that in the /etc/cas/config/cas.properties file?  I tried leaving the 
entry blank, but no luck

my subnet is 10.28.51 so I at least need that so all my sys admins can log 
in.

thanks
Jen

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/1323debf-0538-47b1-a9b0-15bed457abb1%40apereo.org.