...
To allow access from other IPs you must edit the src/main/webapp/WEB-INF/web.xml in the IdP's source. Within this file will be a servlet parameter named AllowedIPs
, located at line 119 (for Version 2.2.1) in the default file. On the line below is a space-separated list of CIDR blocks allowed to access the page. This list supports both IPv4 (in 'dotted' notation) and IPv6 (in 'colon' notation) ranges.With IdP version 2.3.8 you will need to edit $IDP_HOME/conf/web.xml instead of src/main/webapp/WEB-INF/web.xml. The install.sh script will ignore any changes to the latter
If you wish to preserve web.xml across installs an upgrades you should preserve it in the conf directory as discussed here.
Code Block | ||||||
---|---|---|---|---|---|---|
| ||||||
<!-- Servlet for displaying IdP status. --> <servlet> <servlet-name>Status</servlet-name> <servlet-class>edu.internet2.middleware.shibboleth.idp.StatusServlet</servlet-class> <!-- Space separated list of CIDR blocks allowed to access the status page --> <init-param> <param-name>AllowedIPs</param-name> <param-value>127.0.0.1/32 ::1/128 192.168.0.0/16</param-value> </init-param> <load-on-startup>2</load-on-startup> </servlet> |