Grouper Users - Open Discussion List

["Imholz, John J." <>]

The Technical FAQ:  https://spaces.internet2.edu/display/Grouper/Technical+FAQ

 

Indicates that Grouper UI will recognize that REMOTE_USER is there, and proceed accordingly. 

 

Once I got Apache httpd, passing REMOTE_USER, I no longer get prompted for basicAuth.  So, it seems to be an authorization problem.

 

jji

 

From: Vivek Sachdeva [mailto:]
Sent: Thursday, September 03, 2015 3:48 PM
To: Imholz, John J. <>
Cc:
Subject: Re: [grouper-users] New install of 2.2.1 - UI denied access

 

It's been a while since I secured Grouper UI using Shib. I think by default grouper uses basic authentication and you will need to modify web.xml file and remove all the security tags from it. Link below helped me

 

https://spaces.internet2.edu/display/Grouper/Newcastle+University+-+Protecting+UI+With+Shib

 

Thanks,

Vivek Sachdeva

 

 

 

 

On Thu, Sep 3, 2015 at 12:34 PM, Imholz, John J. <> wrote:

I've installed with grouper installer.

With gsh added myself to wheel.  (didn't fix the problem, because of grouper.properties setting)

Edited <installer>/conf/grouper.properties to include:  groups.wheel.use = true

Ran:  cd grouper.ui-2.2.1 ; ant dist

Restarted tomcat:  bin/shutdown.sh ; bin/startup.sh

Fronted the app with apache w/shib.

I get a "403 Access to the requested resource has been denied"  when I try to goto the UI (initially https://grouperdev.musc.edu/grouper, but gets redirected to https://grouperdev.musc.edu/grouper/grouperUi/app/UiV2Main.index)


Apache is passing: REMOTE_USER = 900001976

And that's how I found my subject in gsh (when adding to wheel)
    addMember("etc:sysadmingroup", "900001976")

I'm sure I missed something.  Any suggestions?

jji