Subject: Grouper Users - Open Discussion List
- From: Chris Hyzer <>
- To: Peter DiCamillo <>, Michael McManaman <>, "" <>
- Subject: RE: [grouper-users] Probably a dumb question.
- Date: Tue, 15 Dec 2015 16:11:49 +0000
- Accept-language: en-US
There is good logging for this... put this in the log4j.properties and you
should have some help to see whats going on:
log4j.logger.edu.internet2.middleware.grouper.ui.GrouperUiFilter = DEBUG
On Behalf Of Peter DiCamillo
Sent: Monday, December 14, 2015 7:28 PM
To: Michael McManaman;
Subject: Re: [grouper-users] Probably a dumb question.
Have you tried using basic authentication with Apache instead of using
Shib? That could be useful for debugging to indicate whether it's a Shib
configuration problem or something else. Also, have you checked that the
value you are providing in REMOTE_USER is something which works when you
search for the user in the Grouper UI?
On 12/14/15 4:27 PM, Michael McManaman wrote:
> We used the grouper installer, then went back and retrofitted our OS
> installed tomcat as the java app server.
> We've tried both mod_jk and mod_proxy_ajp with the same results.
> It looks like tomcat talks to apache OK, but the grouper pieces just
> are failing.
> On 12/14/2015 03:36 PM, Peter DiCamillo wrote:
>> Hi, at Brown we put Apache in front of Tomcat using mod_proxy_ajp.
>> Doing that preserves REMOTE_USER for Grouper. Then we configure Shib
>> authentication in Apache in the usual way.
>> On 12/14/15 3:03 PM, Michael McManaman wrote:
>>> Hey everybody -
>>> I'm new to the internet2/grouper project, so bear with me, if you
>>> have the time.
>>> I've followed the Newcastle U. GrouperUI with Shib doc, I've also
>>> follow a GrouperUI/shib related doc out of the university of Alaska.
>>> And finally I've followed the Consortium GARR project/pdf on
>>> Shibbolizing Grouper. All 3 were new installs of grouper, to avoid
>>> any confusion with configs.
>>> The last one looked very promising, but I always end up with an 'You
>>> have an anonymous session...' type-error for the most part.
>>> We do not have CAS set up here and I'm wondering, seeing CAS and
>>> Grouper seem to be mentioned together frequently that CAS has to be
>>> implemented to get a shibbolized Grouper login configured correctly?.
>>> I have the SP configured correctly (we do shib SPs for many other
>>> services) and am populating the REMOTE_USER variable - I can
>>> authenticate successfully against our IdP, but there must be a step
>>> that i'm missing.
>>> Anyone have any ideas?
- [grouper-users] Probably a dumb question., Michael McManaman, 12/14/2015
Archive powered by MHonArc 2.6.16.