Unless you really want it to only be accessible from the local host that the server is running on, you need to comment out this line:
cas.adminPagesSecurity.ip=127\.0\.0\.1 Or more appropriately, set it to a value that matches the IPs you want to be able to reach the status page. It's a Java regex, so you can do just about anything. -- DAVID A. CURRY, CISSP *DIRECTOR • INFORMATION SECURITY & PRIVACY* THE NEW SCHOOL • INFORMATION TECHNOLOGY 71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003 +1 646 909-4728 • david.cu...@newschool.edu On Wed, Jun 26, 2019 at 12:09 PM 123 456 <abcdzx...@gmail.com> wrote: > Template: https://github.com/apereo/cas-gradle-overlay-template > > #================= > # cas.properties > #================= > > > server.port = **** > cas.server.name: https://{server}:**** > cas.server.prefix: https://{server}:****/cas > > cas.adminPagesSecurity.ip=127\.0\.0\.1 > > logging.config: file:/etc/cas/config/log4j2.xml > #cas.serviceRegistry.json.location: classpath:/etc/cas/services-repo > > # SSL > server.ssl.enabled=true > server.ssl.keyStore=file:/etc/cas/thekeystore > server.ssl.keyStorePassword=changeit > server.ssl.keyPassword=changeit > > cas.authn.accept.users= > > #======================================== > # Service Registry > #======================================== > cas.serviceRegistry.watcherEnabled=true > cas.serviceRegistry.initFromJson=true > cas.serviceRegistry.json.location=classpath:/etc/cas/services > > #================================== > # Status > #================================== > > cas.adminPagesSecurity.actuatorEndpointsEnabled=true > cas.monitor.endpoints.enabled=true > endpoints.enabled=true > > cas.monitor.endpoints.sensitive=false > endpoints.sensitive=false > cas.monitor.endpoints.status.enabled=false > cas.monitor.endpoints.status.sensitive=true > > cas.adminPagesSecurity.loginUrl=https://{server}/cas/login > cas.adminPagesSecurity.service=https://{server}/cas/status > cas.adminPagesSecurity.users=file:/etc/cas/config/admusers.properties > cas.adminPagesSecurity.adminRoles[0]=ROLE_ADMIN > > > *************************************** > > > #======================== > # admnusers.properties > #======================== > > # This file lists the users who are allowed access to the CAS /status/* > # endpoints ("adminpages"). > # > # The syntax for each line is: > # > # username=password,grantedAuthority[,grantedAuthority][,enabled|disabled] > # > casuser=notused,ROLE_ADMIN > > > > **************************************************************************** > > > > -- > - Website: https://apereo.github.io/cas > - Gitter Chatroom: https://gitter.im/apereo/cas > - List Guidelines: https://goo.gl/1VRrw7 > - Contributions: https://goo.gl/mh7qDG > --- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to cas-user+unsubscr...@apereo.org. > To view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/7330ab0c-ba94-4f6d-9926-18a3d8458311%40apereo.org > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/7330ab0c-ba94-4f6d-9926-18a3d8458311%40apereo.org?utm_medium=email&utm_source=footer> > . > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2Bd9XAOCUZthvNcKfkvQWSmya6aUmFiZRXpv8pPP2jiM%3DBXjMw%40mail.gmail.com.
