diff --git a/Dockerfile b/Dockerfile
index a913af5..75c994f 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -48,7 +48,7 @@ RUN /opt/container_files/docker-build-bin/containerDockerfileInstall.sh $JAVA_HO
# docker exec -it mygrouper bash
WORKDIR /opt/grouper/grouperWebapp/WEB-INF/
-EXPOSE 80 443
+EXPOSE 80 443 8080 8443
HEALTHCHECK NONE
ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]
diff --git a/Dockerfile3 b/Dockerfile3
index ab425f9..5489942 100644
--- a/Dockerfile3
+++ b/Dockerfile3
@@ -1,4 +1,6 @@
-FROM i2incommon/grouper:4.3.0
+FROM i2incommon/grouper:5.7.0
-ENTRYPOINT ["ping"]
-CMD ["google.com"]
\ No newline at end of file
+COPY container_files/usr-local-bin /usr/local/bin
+COPY container_files /opt
+
+EXPOSE 8080 8443 8009
diff --git a/container_files/tomcat/conf/server.xml.grouper b/container_files/tomcat/conf/server.xml.grouper
index bb8b491..1b2d37a 100644
--- a/container_files/tomcat/conf/server.xml.grouper
+++ b/container_files/tomcat/conf/server.xml.grouper
@@ -169,9 +169,9 @@
<!--
<Valve className="org.apache.catalina.authenticator.SingleSignOn" />
-->
- <!--GROUPER_REMOTE_CIDR_VALVE-->
+ <!--GROUPER_TOMCAT_REMOTE_CIDR_VALVE-->
- <!--GROUPER_REMOTE_IP_VALVE-->
+ <!--GROUPER_TOMCAT_REMOTE_IP_VALVE-->
<!-- Access log processes all example.
Documentation at: /docs/config/valve.html
diff --git a/container_files/tomcat/conf/server.xml.grouper.patch b/container_files/tomcat/conf/server.xml.grouper.patch
index 5a72128..98a6c7e 100644
--- a/container_files/tomcat/conf/server.xml.grouper.patch
+++ b/container_files/tomcat/conf/server.xml.grouper.patch
@@ -1,5 +1,5 @@
--- server.xml.original 2023-08-21 10:59:20.000000000 -0400
-+++ server.xml.grouper 2023-12-29 16:10:49.000000000 -0500
++++ server.xml.grouper 2023-12-31 16:12:56.000000000 -0500
@@ -66,11 +66,12 @@
APR (HTTP/AJP) Connector: /docs/apr.html
Define a non-SSL/TLS HTTP/1.1 Connector on port 8080
@@ -37,9 +37,9 @@
<!--
<Valve className="org.apache.catalina.authenticator.SingleSignOn" />
-->
-+ <!--GROUPER_REMOTE_CIDR_VALVE-->
++ <!--GROUPER_TOMCAT_REMOTE_CIDR_VALVE-->
+
-+ <!--GROUPER_REMOTE_IP_VALVE-->
++ <!--GROUPER_TOMCAT_REMOTE_IP_VALVE-->
<!-- Access log processes all example.
Documentation at: /docs/config/valve.html
diff --git a/container_files/usr-local-bin/libraryPrep.sh b/container_files/usr-local-bin/libraryPrep.sh
index 9aec2c7..ed311aa 100644
--- a/container_files/usr-local-bin/libraryPrep.sh
+++ b/container_files/usr-local-bin/libraryPrep.sh
@@ -287,20 +287,20 @@ prep_finishBegin() {
export GROUPER_CHOWN_DIRS=true
fi
if [ -z "$GROUPER_TOMCAT_HTTP_PORT" ]; then
- echo "grouperContainer; INFO: (libraryPrep.sh-prep_finishBegin) export GROUPER_TOMCAT_HTTP_PORT=8080"
- export GROUPER_TOMCAT_HTTP_PORT=8080
+ echo "grouperContainer; INFO: (libraryPrep.sh-prep_finishBegin) export GROUPER_TOMCAT_HTTP_PORT=-1"
+ export GROUPER_TOMCAT_HTTP_PORT=-1
fi
if [ -z "$GROUPER_TOMCAT_HTTPS_PORT" ]; then
echo "grouperContainer; INFO: (libraryPrep.sh-prep_finishBegin) export GROUPER_TOMCAT_HTTPS_PORT=8443"
- export GROUPER_TOMCAT_HTTP_PORT=8443
+ export GROUPER_TOMCAT_HTTPS_PORT=8443
fi
if [ -z "$GROUPER_TOMCAT_MAX_HEADER_COUNT" ]; then
echo "grouperContainer; INFO: (libraryPrep.sh-prep_finishBegin) export GROUPER_TOMCAT_MAX_HEADER_COUNT=200"
export GROUPER_TOMCAT_MAX_HEADER_COUNT=200
fi
if [ -z "$GROUPER_TOMCAT_AJP_PORT" ]; then
- echo "grouperContainer; INFO: (libraryPrep.sh-prep_finishBegin) export GROUPER_TOMCAT_AJP_PORT=8009"
- export GROUPER_TOMCAT_AJP_PORT=8009
+ echo "grouperContainer; INFO: (libraryPrep.sh-prep_finishBegin) export GROUPER_TOMCAT_AJP_PORT=-1"
+ export GROUPER_TOMCAT_AJP_PORT=-1
fi
if [ -z "$GROUPER_TOMCAT_SHUTDOWN_PORT" ]; then
echo "grouperContainer; INFO: (libraryPrep.sh-prep_finishBegin) export GROUPER_TOMCAT_SHUTDOWN_PORT=8005"
@@ -311,6 +311,10 @@ prep_finishBegin() {
echo "grouperContainer; INFO: (libraryPrep.sh-prep_finishBegin) export GROUPER_TOMCAT_HTTPS_ALIAS=localhost"
export GROUPER_TOMCAT_HTTPS_ALIAS=localhost
fi
+ if [ -z "$GROUPER_TOMCAT_LOG_ACCESS_DIRECTORY" ]; then
+ echo "grouperContainer; INFO: (libraryPrep.sh-prep_finishBegin) export GROUPER_TOMCAT_LOG_ACCESS_DIRECTORY=/opt/grouper/logs"
+ export GROUPER_TOMCAT_LOG_ACCESS_DIRECTORY=/opt/grouper/logs
+ fi
if [ -z "$GROUPER_GSH_JVMARGS" ] ; then
echo "grouperContainer; INFO: (libraryPrep.sh-prep_finishBegin) export GROUPER_GSH_JVMARGS=\"-Djavax.net.ssl.trustStore=/etc/pki/java/cacerts\""
diff --git a/container_files/usr-local-bin/librarySetupFiles.sh b/container_files/usr-local-bin/librarySetupFiles.sh
index 610ac2c..2ed9ac6 100644
--- a/container_files/usr-local-bin/librarySetupFiles.sh
+++ b/container_files/usr-local-bin/librarySetupFiles.sh
@@ -100,6 +100,27 @@ setupFiles_localLogging() {
echo "grouperContainer; INFO: (librarySetupFiles.sh-setupFiles_localLogging) sed -i \"s|__FILEEND__|-->|g\" /opt/grouper/grouperWebapp/WEB-INF/classes/log4j2.xml, result: $?"
if [ $returnCode != 0 ]; then exit $returnCode; fi
fi
+ if [ "$GROUPER_LOG_TO_PIPE" = "true" ] && [ "1" = "2" ]; then
+ sed -i "s|__LOGPIPESTART__||g" /opt/grouper/grouperWebapp/WEB-INF/classes/log4j2.xml
+ returnCode=$?
+ echo "grouperContainer; INFO: (librarySetupFiles.sh-setupFiles_localLogging) sed -i \"s|__LOGPIPESTART__||g\" /opt/grouper/grouperWebapp/WEB-INF/classes/log4j2.xml, result: $?"
+ if [ $returnCode != 0 ]; then exit $returnCode; fi
+
+ sed -i "s|__LOGPIPEEND__||g" /opt/grouper/grouperWebapp/WEB-INF/classes/log4j2.xml
+ returnCode=$?
+ echo "grouperContainer; INFO: (librarySetupFiles.sh-setupFiles_localLogging) sed -i \"s|__LOGPIPEEND__||g\" /opt/grouper/grouperWebapp/WEB-INF/classes/log4j2.xml, result: $?"
+ if [ $returnCode != 0 ]; then exit $returnCode; fi
+ else
+ sed -i "s|__LOGPIPESTART__|<!--|g" /opt/grouper/grouperWebapp/WEB-INF/classes/log4j2.xml
+ returnCode=$?
+ echo "grouperContainer; INFO: (librarySetupFiles.sh-setupFiles_localLogging) sed -i \"s|__LOGPIPESTART__|<!--|g\" /opt/grouper/grouperWebapp/WEB-INF/classes/log4j2.xml, result: $?"
+ if [ $returnCode != 0 ]; then exit $returnCode; fi
+
+ sed -i "s|__LOGPIPEEND__|-->|g" /opt/grouper/grouperWebapp/WEB-INF/classes/log4j2.xml
+ returnCode=$?
+ echo "grouperContainer; INFO: (librarySetupFiles.sh-setupFiles_localLogging) sed -i \"s|__LOGPIPEEND__|-->|g\" /opt/grouper/grouperWebapp/WEB-INF/classes/log4j2.xml, result: $?"
+ if [ $returnCode != 0 ]; then exit $returnCode; fi
+ fi
# add semicolons
LOCAL_ENV=
diff --git a/container_files/usr-local-bin/librarySetupFilesTomcat.sh b/container_files/usr-local-bin/librarySetupFilesTomcat.sh
index 562a25d..95407db 100644
--- a/container_files/usr-local-bin/librarySetupFilesTomcat.sh
+++ b/container_files/usr-local-bin/librarySetupFilesTomcat.sh
@@ -20,114 +20,114 @@ setupFilesTomcat() {
setupFilesTomcat_remoteIpValve() {
if [ "$GROUPER_TOMCAT_REMOTE_IP_VALVE" = "true" ]; then
- if [ $(grep -c '<!--GROUPER_REMOTE_IP_VALVE-->' /opt/tomcat/conf/server.xml) -ge 1 ]; then
+ if [ $(grep -c '<!--GROUPER_TOMCAT_REMOTE_IP_VALVE-->' /opt/tomcat/conf/server.xml) -ge 1 ]; then
# <Valve className="org.apache.catalina.valves.RemoteIpValve" internalProxies="192\.168\.0\.10|192\.168\.0\.11" remoteIpHeader="x-forwarded-for" proxiesHeader="x-forwarded-by" trustedProxies="proxy1|proxy2" />
- # <Valve className="org.apache.catalina.valves.RemoteIpValve" __REMOTE_IP_INTERNAL_PROXIES__ __REMOTE_IP_HEADER__ __REMOTE_IP_PROXIES_HEADER__ __REMOTE_IP_TRUSTED_PROXIES__ __REMOTE_IP_PROCOL_HEADER__ __REMOTE_IP_PROCOL_HEADER_HTTPS_VALUE__ __REMOTE_IP_HTTP_SERVER_PORT__ __REMOTE_IP_HTTPS_SERVER_PORT__ />
+ # <Valve className="org.apache.catalina.valves.RemoteIpValve" __GROUPER_TOMCAT_REMOTE_IP_INTERNAL_PROXIES__ __GROUPER_TOMCAT_REMOTE_IP_HEADER__ __GROUPER_TOMCAT_REMOTE_IP_PROXIES_HEADER__ __GROUPER_TOMCAT_REMOTE_IP_TRUSTED_PROXIES__ __GROUPER_TOMCAT_REMOTE_IP_PROTOCOL_HEADER__ __GROUPER_TOMCAT_REMOTE_IP_PROTOCOL_HEADER_HTTPS_VALUE__ __GROUPER_TOMCAT_REMOTE_IP_HTTP_SERVER_PORT__ __GROUPER_TOMCAT_REMOTE_IP_HTTPS_SERVER_PORT__ />
- sed -i 's|<!--GROUPER_REMOTE_IP_VALVE-->|<Valve className="org.apache.catalina.valves.RemoteIpValve" __REMOTE_IP_INTERNAL_PROXIES__ __REMOTE_IP_HEADER__ __REMOTE_IP_PROXIES_HEADER__ __REMOTE_IP_TRUSTED_PROXIES__ />|g' /opt/tomcat/conf/server.xml
+ sed -i 's|<!--GROUPER_TOMCAT_REMOTE_IP_VALVE-->|<Valve className="org.apache.catalina.valves.RemoteIpValve" __GROUPER_TOMCAT_REMOTE_IP_INTERNAL_PROXIES__ __GROUPER_TOMCAT_REMOTE_IP_HEADER__ __GROUPER_TOMCAT_REMOTE_IP_PROXIES_HEADER__ __GROUPER_TOMCAT_REMOTE_IP_TRUSTED_PROXIES__ __GROUPER_TOMCAT_REMOTE_IP_PROTOCOL_HEADER__ __GROUPER_TOMCAT_REMOTE_IP_PROTOCOL_HEADER_HTTPS_VALUE__ __GROUPER_TOMCAT_REMOTE_IP_HTTP_SERVER_PORT__ __GROUPER_TOMCAT_REMOTE_IP_HTTPS_SERVER_PORT__ />|g' /opt/tomcat/conf/server.xml
returnCode=$?
- echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_remoteIpValve) Apply remote IP valve: sed -i 's|<!--GROUPER_REMOTE_IP_VALVE-->|<Valve className="org.apache.catalina.valves.RemoteIpValve" __REMOTE_IP_INTERNAL_PROXIES__ __REMOTE_IP_HEADER__ __REMOTE_IP_PROXIES_HEADER__ __REMOTE_IP_TRUSTED_PROXIES__ />|g' /opt/tomcat/conf/server.xml, result: $returnCode"
+ echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_remoteIpValve) Apply remote IP valve: sed -i 's|<!--GROUPER_TOMCAT_REMOTE_IP_VALVE-->|<Valve className="org.apache.catalina.valves.RemoteIpValve" __GROUPER_TOMCAT_REMOTE_IP_INTERNAL_PROXIES__ __GROUPER_TOMCAT_REMOTE_IP_HEADER__ __GROUPER_TOMCAT_REMOTE_IP_PROXIES_HEADER__ __GROUPER_TOMCAT_REMOTE_IP_TRUSTED_PROXIES__ __GROUPER_TOMCAT_REMOTE_IP_PROTOCOL_HEADER__ __GROUPER_TOMCAT_REMOTE_IP_PROTOCOL_HEADER_HTTPS_VALUE__ __GROUPER_TOMCAT_REMOTE_IP_HTTP_SERVER_PORT__ __GROUPER_TOMCAT_REMOTE_IP_HTTPS_SERVER_PORT__ />|g' /opt/tomcat/conf/server.xml, result: $returnCode"
if [ $returnCode != 0 ]; then exit $returnCode; fi
- if [ ! -z "$REMOTE_IP_INTERNAL_PROXIES" ]; then
- sed -i 's|__REMOTE_IP_INTERNAL_PROXIES__|internalProxies="$REMOTE_IP_INTERNAL_PROXIES"|g' /opt/tomcat/conf/server.xml
+ if [ ! -z "$GROUPER_TOMCAT_REMOTE_IP_INTERNAL_PROXIES" ]; then
+ sed -i "s|__GROUPER_TOMCAT_REMOTE_IP_INTERNAL_PROXIES__|internalProxies=\"$GROUPER_TOMCAT_REMOTE_IP_INTERNAL_PROXIES\"|g" /opt/tomcat/conf/server.xml
returnCode=$?
- echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_remoteIpValve) sed -i 's|__REMOTE_IP_INTERNAL_PROXIES__|internalProxies=\"$REMOTE_IP_INTERNAL_PROXIES\"|g' /opt/tomcat/conf/server.xml, result: $returnCode"
+ echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_remoteIpValve) sed -i \"s|__GROUPER_TOMCAT_REMOTE_IP_INTERNAL_PROXIES__|internalProxies=\\\"$GROUPER_TOMCAT_REMOTE_IP_INTERNAL_PROXIES\\\"|g\" /opt/tomcat/conf/server.xml, result: $returnCode"
if [ $returnCode != 0 ]; then exit $returnCode; fi
else
- sed -i 's|__REMOTE_IP_INTERNAL_PROXIES__||g' /opt/tomcat/conf/server.xml
+ sed -i 's|__GROUPER_TOMCAT_REMOTE_IP_INTERNAL_PROXIES__||g' /opt/tomcat/conf/server.xml
returnCode=$?
- echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_remoteIpValve) sed -i 's|__REMOTE_IP_INTERNAL_PROXIES__||g' /opt/tomcat/conf/server.xml, result: $returnCode"
+ echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_remoteIpValve) sed -i 's|__GROUPER_TOMCAT_REMOTE_IP_INTERNAL_PROXIES__||g' /opt/tomcat/conf/server.xml, result: $returnCode"
if [ $returnCode != 0 ]; then exit $returnCode; fi
fi
- if [ ! -z "$REMOTE_IP_HEADER" ]; then
- sed -i 's|__REMOTE_IP_HEADER__|remoteIpHeader="$REMOTE_IP_HEADER"|g' /opt/tomcat/conf/server.xml
+ if [ ! -z "$GROUPER_TOMCAT_REMOTE_IP_HEADER" ]; then
+ sed -i "s|__GROUPER_TOMCAT_REMOTE_IP_HEADER__|remoteIpHeader=\"$GROUPER_TOMCAT_REMOTE_IP_HEADER\"|g" /opt/tomcat/conf/server.xml
returnCode=$?
- echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_remoteIpValve) sed -i 's|__REMOTE_IP_HEADER__|remoteIpHeader=\"$REMOTE_IP_HEADER\"|g' /opt/tomcat/conf/server.xml, result: $returnCode"
+ echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_remoteIpValve) sed -i \"s|__GROUPER_TOMCAT_REMOTE_IP_HEADER__|remoteIpHeader=\\\"$GROUPER_TOMCAT_REMOTE_IP_HEADER\\\"|g\" /opt/tomcat/conf/server.xml, result: $returnCode"
if [ $returnCode != 0 ]; then exit $returnCode; fi
else
- sed -i 's|__REMOTE_IP_HEADER__||g' /opt/tomcat/conf/server.xml
+ sed -i 's|__GROUPER_TOMCAT_REMOTE_IP_HEADER__||g' /opt/tomcat/conf/server.xml
returnCode=$?
- echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_remoteIpValve) sed -i 's|__REMOTE_IP_HEADER__||g' /opt/tomcat/conf/server.xml, result: $returnCode"
+ echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_remoteIpValve) sed -i 's|__GROUPER_TOMCAT_REMOTE_IP_HEADER__||g' /opt/tomcat/conf/server.xml, result: $returnCode"
if [ $returnCode != 0 ]; then exit $returnCode; fi
fi
- if [ ! -z "$REMOTE_IP_PROXIES_HEADER" ]; then
- sed -i 's|__REMOTE_IP_PROXIES_HEADER__|proxiesHeader="$REMOTE_IP_PROXIES_HEADER"|g' /opt/tomcat/conf/server.xml
+ if [ ! -z "$GROUPER_TOMCAT_REMOTE_IP_PROXIES_HEADER" ]; then
+ sed -i "s|__GROUPER_TOMCAT_REMOTE_IP_PROXIES_HEADER__|proxiesHeader=\"$GROUPER_TOMCAT_REMOTE_IP_PROXIES_HEADER\"|g" /opt/tomcat/conf/server.xml
returnCode=$?
- echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_remoteIpValve) sed -i 's|__REMOTE_IP_PROXIES_HEADER__|proxiesHeader=\"$REMOTE_IP_PROXIES_HEADER\"|g' /opt/tomcat/conf/server.xml, result: $returnCode"
+ echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_remoteIpValve) sed -i \"s|__GROUPER_TOMCAT_REMOTE_IP_PROXIES_HEADER__|proxiesHeader=\\\"$GROUPER_TOMCAT_REMOTE_IP_PROXIES_HEADER\\\"|g\" /opt/tomcat/conf/server.xml, result: $returnCode"
if [ $returnCode != 0 ]; then exit $returnCode; fi
else
- sed -i 's|__REMOTE_IP_PROXIES_HEADER__||g' /opt/tomcat/conf/server.xml
+ sed -i 's|__GROUPER_TOMCAT_REMOTE_IP_PROXIES_HEADER__||g' /opt/tomcat/conf/server.xml
returnCode=$?
- echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_remoteIpValve) sed -i 's|__REMOTE_IP_PROXIES_HEADER__||g' /opt/tomcat/conf/server.xml, result: $returnCode"
+ echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_remoteIpValve) sed -i 's|__GROUPER_TOMCAT_REMOTE_IP_PROXIES_HEADER__||g' /opt/tomcat/conf/server.xml, result: $returnCode"
if [ $returnCode != 0 ]; then exit $returnCode; fi
fi
- if [ ! -z "$REMOTE_IP_TRUSTED_PROXIES" ]; then
- sed -i 's|__REMOTE_IP_TRUSTED_PROXIES__|trustedProxies="$REMOTE_IP_TRUSTED_PROXIES"|g' /opt/tomcat/conf/server.xml
+ if [ ! -z "$GROUPER_TOMCAT_REMOTE_IP_TRUSTED_PROXIES" ]; then
+ sed -i "s|__GROUPER_TOMCAT_REMOTE_IP_TRUSTED_PROXIES__|trustedProxies=\"$GROUPER_TOMCAT_REMOTE_IP_TRUSTED_PROXIES\"|g" /opt/tomcat/conf/server.xml
returnCode=$?
- echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_remoteIpValve) sed -i 's|__REMOTE_IP_TRUSTED_PROXIES__|trustedProxies=\"$REMOTE_IP_TRUSTED_PROXIES\"|g' /opt/tomcat/conf/server.xml, result: $returnCode"
+ echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_remoteIpValve) sed -i \"s|__GROUPER_TOMCAT_REMOTE_IP_TRUSTED_PROXIES__|trustedProxies=\\\"$GROUPER_TOMCAT_REMOTE_IP_TRUSTED_PROXIES\\\"|g\" /opt/tomcat/conf/server.xml, result: $returnCode"
if [ $returnCode != 0 ]; then exit $returnCode; fi
else
- sed -i 's|__REMOTE_IP_TRUSTED_PROXIES__||g' /opt/tomcat/conf/server.xml
+ sed -i 's|__GROUPER_TOMCAT_REMOTE_IP_TRUSTED_PROXIES__||g' /opt/tomcat/conf/server.xml
returnCode=$?
- echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_remoteIpValve) sed -i 's|__REMOTE_IP_TRUSTED_PROXIES__||g' /opt/tomcat/conf/server.xml, result: $returnCode"
+ echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_remoteIpValve) sed -i 's|__GROUPER_TOMCAT_REMOTE_IP_TRUSTED_PROXIES__||g' /opt/tomcat/conf/server.xml, result: $returnCode"
if [ $returnCode != 0 ]; then exit $returnCode; fi
fi
- if [ ! -z "$REMOTE_IP_PROCOL_HEADER" ]; then
- sed -i 's|__REMOTE_IP_PROCOL_HEADER__|protocolHeader="$REMOTE_IP_PROCOL_HEADER"|g' /opt/tomcat/conf/server.xml
+ if [ ! -z "$GROUPER_TOMCAT_REMOTE_IP_PROTOCOL_HEADER" ]; then
+ sed -i "s|__GROUPER_TOMCAT_REMOTE_IP_PROTOCOL_HEADER__|protocolHeader=\"$GROUPER_TOMCAT_REMOTE_IP_PROTOCOL_HEADER\"|g" /opt/tomcat/conf/server.xml
returnCode=$?
- echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_remoteIpValve) sed -i 's|__REMOTE_IP_PROCOL_HEADER__|protocolHeader=\"$REMOTE_IP_PROCOL_HEADER\"|g' /opt/tomcat/conf/server.xml, result: $returnCode"
+ echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_remoteIpValve) sed -i \"s|__GROUPER_TOMCAT_REMOTE_IP_PROTOCOL_HEADER__|protocolHeader=\\\"$GROUPER_TOMCAT_REMOTE_IP_PROTOCOL_HEADER\\\"|g\" /opt/tomcat/conf/server.xml, result: $returnCode"
if [ $returnCode != 0 ]; then exit $returnCode; fi
else
- sed -i 's|__REMOTE_IP_PROCOL_HEADER__||g' /opt/tomcat/conf/server.xml
+ sed -i 's|__GROUPER_TOMCAT_REMOTE_IP_PROTOCOL_HEADER__||g' /opt/tomcat/conf/server.xml
returnCode=$?
- echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_remoteIpValve) sed -i 's|__REMOTE_IP_PROCOL_HEADER__||g' /opt/tomcat/conf/server.xml, result: $returnCode"
+ echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_remoteIpValve) sed -i 's|__GROUPER_TOMCAT_REMOTE_IP_PROTOCOL_HEADER__||g' /opt/tomcat/conf/server.xml, result: $returnCode"
if [ $returnCode != 0 ]; then exit $returnCode; fi
fi
- if [ ! -z "$REMOTE_IP_PROCOL_HEADER_HTTPS_VALUE" ]; then
- sed -i 's|__REMOTE_IP_PROCOL_HEADER_HTTPS_VALUE__|protocolHeaderHttpsValue="$REMOTE_IP_PROCOL_HEADER_HTTPS_VALUE"|g' /opt/tomcat/conf/server.xml
+ if [ ! -z "$GROUPER_TOMCAT_REMOTE_IP_PROTOCOL_HEADER_HTTPS_VALUE" ]; then
+ sed -i "s|__GROUPER_TOMCAT_REMOTE_IP_PROTOCOL_HEADER_HTTPS_VALUE__|protocolHeaderHttpsValue=\"$GROUPER_TOMCAT_REMOTE_IP_PROTOCOL_HEADER_HTTPS_VALUE\"|g" /opt/tomcat/conf/server.xml
returnCode=$?
- echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_remoteIpValve) sed -i 's|__REMOTE_IP_PROCOL_HEADER_HTTPS_VALUE__|protocolHeaderHttpsValue=\"$REMOTE_IP_PROCOL_HEADER_HTTPS_VALUE\"|g' /opt/tomcat/conf/server.xml, result: $returnCode"
+ echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_remoteIpValve) sed -i \"s|__GROUPER_TOMCAT_REMOTE_IP_PROTOCOL_HEADER_HTTPS_VALUE__|protocolHeaderHttpsValue=\\\"$GROUPER_TOMCAT_REMOTE_IP_PROTOCOL_HEADER_HTTPS_VALUE\\\"|g\" /opt/tomcat/conf/server.xml, result: $returnCode"
if [ $returnCode != 0 ]; then exit $returnCode; fi
else
- sed -i 's|__REMOTE_IP_PROCOL_HEADER_HTTPS_VALUE__||g' /opt/tomcat/conf/server.xml
+ sed -i 's|__GROUPER_TOMCAT_REMOTE_IP_PROTOCOL_HEADER_HTTPS_VALUE__||g' /opt/tomcat/conf/server.xml
returnCode=$?
- echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_remoteIpValve) sed -i 's|__REMOTE_IP_PROCOL_HEADER_HTTPS_VALUE__||g' /opt/tomcat/conf/server.xml, result: $returnCode"
+ echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_remoteIpValve) sed -i 's|__GROUPER_TOMCAT_REMOTE_IP_PROTOCOL_HEADER_HTTPS_VALUE__||g' /opt/tomcat/conf/server.xml, result: $returnCode"
if [ $returnCode != 0 ]; then exit $returnCode; fi
fi
- if [ ! -z "$REMOTE_IP_HTTP_SERVER_PORT" ]; then
- sed -i 's|__REMOTE_IP_HTTP_SERVER_PORT__|httpServerPort="$REMOTE_IP_HTTP_SERVER_PORT"|g' /opt/tomcat/conf/server.xml
+ if [ ! -z "$GROUPER_TOMCAT_REMOTE_IP_HTTP_SERVER_PORT" ]; then
+ sed -i "s|__GROUPER_TOMCAT_REMOTE_IP_HTTP_SERVER_PORT__|httpServerPort=\"$GROUPER_TOMCAT_REMOTE_IP_HTTP_SERVER_PORT\"|g" /opt/tomcat/conf/server.xml
returnCode=$?
- echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_remoteIpValve) sed -i 's|__REMOTE_IP_HTTP_SERVER_PORT__|httpServerPort=\"$REMOTE_IP_HTTP_SERVER_PORT\"|g' /opt/tomcat/conf/server.xml, result: $returnCode"
+ echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_remoteIpValve) sed -i \"s|__GROUPER_TOMCAT_REMOTE_IP_HTTP_SERVER_PORT__|httpServerPort=\\\"$GROUPER_TOMCAT_REMOTE_IP_HTTP_SERVER_PORT\\\"|g\" /opt/tomcat/conf/server.xml, result: $returnCode"
if [ $returnCode != 0 ]; then exit $returnCode; fi
else
- sed -i 's|__REMOTE_IP_HTTP_SERVER_PORT__||g' /opt/tomcat/conf/server.xml
+ sed -i 's|__GROUPER_TOMCAT_REMOTE_IP_HTTP_SERVER_PORT__||g' /opt/tomcat/conf/server.xml
returnCode=$?
- echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_remoteIpValve) sed -i 's|__REMOTE_IP_HTTP_SERVER_PORT__||g' /opt/tomcat/conf/server.xml, result: $returnCode"
+ echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_remoteIpValve) sed -i 's|__GROUPER_TOMCAT_REMOTE_IP_HTTP_SERVER_PORT__||g' /opt/tomcat/conf/server.xml, result: $returnCode"
if [ $returnCode != 0 ]; then exit $returnCode; fi
fi
- if [ ! -z "$REMOTE_IP_HTTPS_SERVER_PORT" ]; then
- sed -i 's|__REMOTE_IP_HTTPS_SERVER_PORT__|httpsServerPort="$REMOTE_IP_HTTPS_SERVER_PORT"|g' /opt/tomcat/conf/server.xml
+ if [ ! -z "$GROUPER_TOMCAT_REMOTE_IP_HTTPS_SERVER_PORT" ]; then
+ sed -i "s|__GROUPER_TOMCAT_REMOTE_IP_HTTPS_SERVER_PORT__|httpsServerPort=\"$GROUPER_TOMCAT_REMOTE_IP_HTTPS_SERVER_PORT\"|g" /opt/tomcat/conf/server.xml
returnCode=$?
- echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_remoteIpValve) sed -i 's|__REMOTE_IP_HTTPS_SERVER_PORT__|httpsServerPort=\"$REMOTE_IP_HTTPS_SERVER_PORT\"|g' /opt/tomcat/conf/server.xml, result: $returnCode"
+ echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_remoteIpValve) sed -i \"s|__GROUPER_TOMCAT_REMOTE_IP_HTTPS_SERVER_PORT__|httpsServerPort=\\\"$GROUPER_TOMCAT_REMOTE_IP_HTTPS_SERVER_PORT\\\"|g\" /opt/tomcat/conf/server.xml, result: $returnCode"
if [ $returnCode != 0 ]; then exit $returnCode; fi
else
- sed -i 's|__REMOTE_IP_HTTPS_SERVER_PORT__||g' /opt/tomcat/conf/server.xml
+ sed -i 's|__GROUPER_TOMCAT_REMOTE_IP_HTTPS_SERVER_PORT__||g' /opt/tomcat/conf/server.xml
returnCode=$?
- echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_remoteIpValve) sed -i 's|__REMOTE_IP_HTTPS_SERVER_PORT__||g' /opt/tomcat/conf/server.xml, result: $returnCode"
+ echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_remoteIpValve) sed -i 's|__GROUPER_TOMCAT_REMOTE_IP_HTTPS_SERVER_PORT__||g' /opt/tomcat/conf/server.xml, result: $returnCode"
if [ $returnCode != 0 ]; then exit $returnCode; fi
fi
else
- echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_remoteIpValve) /opt/tomcat/conf/server.xml does not contain <!--GROUPER_REMOTE_IP_VALVE--> so will not have remote IP valve applied"
+ echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_remoteIpValve) /opt/tomcat/conf/server.xml does not contain <!--GROUPER_GROUPER_TOMCAT_REMOTE_IP_VALVE--> so will not have remote IP valve applied"
fi
fi
@@ -137,11 +137,11 @@ setupFilesTomcat_remoteIpValve() {
setupFilesTomcat_remoteCidrValve() {
if [ ! -z "$GROUPER_TOMCAT_REMOTE_CIDR_VALVE_ALLOW" ]; then
- if [ $(grep -c '<!--GROUPER_REMOTE_CIDR_VALVE-->' /opt/tomcat/conf/server.xml) -ge 1 ]; then
+ if [ $(grep -c '<!--GROUPER_TOMCAT_REMOTE_CIDR_VALVE-->' /opt/tomcat/conf/server.xml) -ge 1 ]; then
- sed -i 's|<!--GROUPER_REMOTE_CIDR_VALVE-->|<Valve className="org.apache.catalina.valves.RemoteCIDRValve" allow="__GROUPER_TOMCAT_REMOTE_CIDR_VALVE_ALLOW__" usePeerAddress="true" />|g' /opt/tomcat/conf/server.xml
+ sed -i 's|<!--GROUPER_TOMCAT_REMOTE_CIDR_VALVE-->|<Valve className="org.apache.catalina.valves.RemoteCIDRValve" allow="__GROUPER_TOMCAT_REMOTE_CIDR_VALVE_ALLOW__" usePeerAddress="true" />|g' /opt/tomcat/conf/server.xml
returnCode=$?
- echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_remoteCidrValve) Apply remote CIDR valve: sed -i 's|<!--GROUPER_REMOTE_CIDR_VALVE-->|<Valve className=\"org.apache.catalina.valves.RemoteCIDRValve\" allow=\"__GROUPER_TOMCAT_REMOTE_CIDR_VALVE_ALLOW__\" usePeerAddress=\"true\" />|g' /opt/tomcat/conf/server.xml, result: $returnCode"
+ echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_remoteCidrValve) Apply remote CIDR valve: sed -i 's|<!--GROUPER_TOMCAT_REMOTE_CIDR_VALVE-->|<Valve className=\"org.apache.catalina.valves.RemoteCIDRValve\" allow=\"__GROUPER_TOMCAT_REMOTE_CIDR_VALVE_ALLOW__\" usePeerAddress=\"true\" />|g' /opt/tomcat/conf/server.xml, result: $returnCode"
if [ $returnCode != 0 ]; then exit $returnCode; fi
sed -i "s|__GROUPER_TOMCAT_REMOTE_CIDR_VALVE_ALLOW__|$GROUPER_TOMCAT_REMOTE_CIDR_VALVE_ALLOW|g" /opt/tomcat/conf/server.xml
@@ -151,7 +151,7 @@ setupFilesTomcat_remoteCidrValve() {
else
- echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_remoteCidrValve) /opt/tomcat/conf/server.xml does not contain <!--GROUPER_REMOTE_CIDR_VALVE--> so will not have remote CIDR valve applied"
+ echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_remoteCidrValve) /opt/tomcat/conf/server.xml does not contain <!--GROUPER_TOMCAT_REMOTE_CIDR_VALVE--> so will not have remote CIDR valve applied"
fi
fi
@@ -206,7 +206,7 @@ setupFilesTomcat_turnOnHttp() {
sed -i 's|<!--GROUPER_HTTP_CONNECTOR-->|<Connector address="0.0.0.0" secure="true" scheme="https" URIEncoding="UTF-8" tomcatAuthentication="false" port="8080" protocol="HTTP/1.1" redirectPort="8443" maxParameterCount="10000" />|g' /opt/tomcat/conf/server.xml
returnCode=$?
- echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_turnOnHttp) Apply AJP: sed -i 's|<!--GROUPER_HTTP_CONNECTOR-->|<Connector address=\"0.0.0.0\" secure=\"true\" scheme=\"https\" URIEncoding=\"UTF-8\" tomcatAuthentication=\"false\" port=\"8080\" protocol=\"HTTP/1.1\" redirectPort=\"8443\" maxParameterCount=\"10000\" />|g' /opt/tomcat/conf/server.xml, result: $returnCode"
+ echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_turnOnHttp) Apply HTTP: sed -i 's|<!--GROUPER_HTTP_CONNECTOR-->|<Connector address=\"0.0.0.0\" secure=\"true\" scheme=\"https\" URIEncoding=\"UTF-8\" tomcatAuthentication=\"false\" port=\"8080\" protocol=\"HTTP/1.1\" redirectPort=\"8443\" maxParameterCount=\"10000\" />|g' /opt/tomcat/conf/server.xml, result: $returnCode"
if [ $returnCode != 0 ]; then exit $returnCode; fi
else
echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_turnOnHttp) /opt/tomcat/conf/server.xml does not contain <!--GROUPER_HTTP_CONNECTOR--> so will not have HTTP connector applied"
@@ -222,13 +222,31 @@ setupFilesTomcat_turnOnHttps() {
if [ $(grep -c '<!--GROUPER_HTTPS_CONNECTOR-->' /opt/tomcat/conf/server.xml) -ge 1 ]; then
- sed -i 's|<!--GROUPER_HTTPS_CONNECTOR-->|<Connector address="0.0.0.0" secure="true" scheme="https" URIEncoding="UTF-8" tomcatAuthentication="false" port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" maxParameterCount="10000" keyAlias="$GROUPER_TOMCAT_HTTPS_ALIAS" SSLEnabled="true" />|g' /opt/tomcat/conf/server.xml
+ sed -i "s|<\!--GROUPER_HTTPS_CONNECTOR-->|<Connector address=\"0.0.0.0\" secure=\"true\" scheme=\"https\" URIEncoding=\"UTF-8\" compression=\"on\" tomcatAuthentication=\"false\" port=\"8443\" protocol=\"org.apache.coyote.http11.Http11NioProtocol\" maxParameterCount=\"10000\" SSLEnabled=\"true\" ><SSLHostConfig protocols=\"TLSv1.2\"><Certificate certificateFile=\"$GROUPER_SSL_CERT_FILE\" certificateKeyFile=\"$GROUPER_SSL_KEY_FILE\" __GROUPER_SSL_CHAIN_FILE__ /></SSLHostConfig></Connector>|g" /opt/tomcat/conf/server.xml
returnCode=$?
- echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_turnOnHttps) Apply AJP: sed -i 's|<!--GROUPER_HTTPS_CONNECTOR-->|<Connector address=\"0.0.0.0\" secure=\"true\" scheme=\"https\" URIEncoding=\"UTF-8\" tomcatAuthentication=\"false\" port=\"8443\" protocol=\"org.apache.coyote.http11.Http11NioProtocol\" maxParameterCount=\"10000\" keyAlias=\"$GROUPER_TOMCAT_HTTPS_ALIAS\" SSLEnabled=\"true\" />|g' /opt/tomcat/conf/server.xml, result: $returnCode"
+ echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_turnOnHttps) Apply HTTPS: sed -i \"s|<\\!--GROUPER_HTTPS_CONNECTOR-->|<Connector address=\\\"0.0.0.0\\\" secure=\\\"true\\\" scheme=\\\"https\\\" URIEncoding=\\\"UTF-8\\\" compression=\\\"on\\\" tomcatAuthentication=\\\"false\\\" port=\\\"8443\\\" protocol=\\\"org.apache.coyote.http11.Http11NioProtocol\\\" maxParameterCount=\\\"10000\\\" keyAlias=\\\"$GROUPER_TOMCAT_HTTPS_ALIAS\\\" SSLEnabled=\\\"true\\\" ><SSLHostConfig protocols=\\\"TLSv1.2\\\"><Certificate certificateFile=\\\"$GROUPER_SSL_CERT_FILE\\\" certificateKeyFile=\\\"$GROUPER_SSL_KEY_FILE\\\" __GROUPER_SSL_CHAIN_FILE__ /></SSLHostConfig></Connector>|g\" /opt/tomcat/conf/server.xml, result: $returnCode"
if [ $returnCode != 0 ]; then exit $returnCode; fi
else
echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_turnOnHttps) /opt/tomcat/conf/server.xml does not contain <!--GROUPER_HTTPS_CONNECTOR--> so will not have HTTPS connector applied"
fi
+
+ if [ "$GROUPER_SSL_USE_CHAIN_FILE" = "true" ]; then
+
+ sed -i "s|__GROUPER_SSL_CHAIN_FILE__|certificateChainFile=\"$GROUPER_SSL_CHAIN_FILE\"|g" /opt/tomcat/conf/server.xml
+ returnCode=$?
+ echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_turnOnHttps) Setting chain: sed -i \"s|__GROUPER_SSL_CHAIN_FILE__|certificateChainFile=\\\"$GROUPER_SSL_CHAIN_FILE\\\"|g\" /opt/tomcat/conf/server.xml , result: $?"
+ if [ $returnCode != 0 ]; then exit $returnCode; fi
+
+
+ else
+ sed -i "s|__GROUPER_SSL_CHAIN_FILE__||g" /opt/tomcat/conf/server.xml
+ returnCode=$?
+ echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_turnOnHttps) No chain setting: sed -i \"s|__GROUPER_SSL_CHAIN_FILE__||g\" /opt/tomcat/conf/server.xml , result: $?"
+ if [ $returnCode != 0 ]; then exit $returnCode; fi
+
+ fi
+
+
else
echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_turnOnHttps) GROUPER_TOMCAT_HTTPS_PORT is set to -1, so will not have AJP connector applied"
fi
@@ -239,9 +257,9 @@ setupFilesTomcat_accessLogs() {
if [ "$GROUPER_TOMCAT_LOG_ACCESS" = "true" ]; then
if [ $(grep -c '<!--GROUPER_LOGGING_VALVE-->' /opt/tomcat/conf/server.xml) -ge 1 ]; then
- sed -i 's|<!--GROUPER_LOGGING_VALVE-->|<Valve className="org.apache.catalina.valves.AccessLogValve" requestAttributesEnabled="$GROUPER_TOMCAT_REMOTE_IP_VALVE" directory="/tmp" prefix="tomcat_access_log" rotatable="false" pattern="%h %l %u %t \"%r\" %s %b" />|g' /opt/tomcat/conf/server.xml
+ sed -i "s|<!--GROUPER_LOGGING_VALVE-->|<Valve className=\"org.apache.catalina.valves.AccessLogValve\" requestAttributesEnabled=\"$GROUPER_TOMCAT_REMOTE_IP_VALVE\" directory=\"$GROUPER_TOMCAT_LOG_ACCESS_DIRECTORY\" prefix=\"tomcat_access_log\" rotatable=\"false\" pattern=\"%h %l %u %t \"%r\" %s %b\" />|g" /opt/tomcat/conf/server.xml
returnCode=$?
- echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_accessLogs) Apply access logs: sed -i 's|<!--GROUPER_LOGGING_VALVE-->|<Valve className=\"org.apache.catalina.valves.AccessLogValve\" directory=\"/tmp\" prefix=\"tomcat_access_log\" rotatable=\"false\" pattern=\"%h %l %u %t "%r" %s %b\" />|g' /opt/tomcat/conf/server.xml, result: $returnCode"
+ echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_accessLogs) Apply access logs: sed -i \"s|<!--GROUPER_LOGGING_VALVE-->|<Valve className=\\\"org.apache.catalina.valves.AccessLogValve\\\" directory=\\\"GROUPER_TOMCAT_LOG_ACCESS_DIRECTORY\\\" prefix=\\\"tomcat_access_log\\\" rotatable=\\\"false\\\" pattern=\\\"%h %l %u %t "%r" %s %b\\\" />|g\" /opt/tomcat/conf/server.xml, result: $returnCode"
if [ $returnCode != 0 ]; then exit $returnCode; fi
else
@@ -253,7 +271,7 @@ setupFilesTomcat_accessLogs() {
setupFilesTomcat_ports() {
- if [ "$GROUPER_TOMCAT_HTTP_PORT" != "8080" ]; then
+ if [ "$GROUPER_TOMCAT_HTTP_PORT" != "8080" ] && [ "$GROUPER_TOMCAT_HTTP_PORT" != "-1" ] ; then
sed -i "s|8080|$GROUPER_TOMCAT_HTTP_PORT|g" /opt/tomcat/conf/server.xml
returnCode=$?
echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_ports) update server.xml to change http port: sed -i \"s|8080|$GROUPER_TOMCAT_HTTP_PORT|g\" /opt/tomcat/conf/server.xml, result: $returnCode"
@@ -520,7 +538,6 @@ setupFilesTomcat_exportAll() {
export -f setupFilesTomcat
export -f setupFilesTomcat_authn
export -f setupFilesTomcat_context
- export -f setupFilesTomcat_http
export -f setupFilesTomcat_ports
export -f setupFilesTomcat_remoteCidrValve
export -f setupFilesTomcat_remoteIpValve
diff --git a/run3.sh b/run3.sh
old mode 100644
new mode 100755
index 9cb39ae..ed4a4f2
--- a/run3.sh
+++ b/run3.sh
@@ -1,4 +1,23 @@
#!/bin/bash
-docker run -d --name my-grouper3 my-grouper3:latest
+docker rm -f my-grouper3
+docker run -d -p 8080:8080 -p 8443:8443 \
+-e GROUPER_SELF_SIGNED_CERT=true -e GROUPER_UI_CONFIGURATION_EDITOR_SOURCEIPADDRESSES='0.0.0.0/0' \
+-e GROUPER_TOMCAT_HTTP_PORT=8080 -e GROUPER_TOMCAT_AJP_PORT=-1 -e GROUPER_TOMCAT_HTTPS_PORT=-1 \
+-e GROUPER_START_DELAY_SECONDS=10 -e GROUPER_UI_GROUPER_AUTH=true \
+-e GROUPER_WS_GROUPER_AUTH=true -e GROUPER_SCIM_GROUPER_AUTH=true \
+-e GROUPER_QUICKSTART=true -e GROUPER_RUN_TOMCAT=true \
+-e GROUPER_UI=true \
+-e GROUPER_TOMCAT_REMOTE_IP_VALVE=true \
+-e GROUPER_TOMCAT_REMOTE_IP_INTERNAL_PROXIES=abc -e GROUPER_TOMCAT_REMOTE_IP_HEADER=xyz \
+-e GROUPER_TOMCAT_REMOTE_IP_PROXIES_HEADER=def -e GROUPER_TOMCAT_REMOTE_IP_TRUSTED_PROXIES=fgh \
+-e GROUPER_TOMCAT_REMOTE_IP_PROTOCOL_HEADER=hij -e GROUPER_TOMCAT_REMOTE_IP_PROTOCOL_HEADER_HTTPS_VALUE=jkl \
+-e GROUPER_TOMCAT_REMOTE_IP_HTTP_SERVER_PORT=123 -e GROUPER_TOMCAT_REMOTE_IP_HTTPS_SERVER_PORT=234 \
+-e GROUPER_LOG_TO_HOST=true -e GROUPER_TOMCAT_LOG_ACCESS=true \
+-e GROUPER_DATABASE_PASSWORD=pass -e GROUPER_DATABASE_USERNAME=postgres \
+-e GROUPERSYSTEM_QUICKSTART_PASS=pass -e GROUPER_MORPHSTRING_ENCRYPT_KEY=abc123 \
+-e GROUPER_DATABASE_URL=jdbc:postgresql://192.168.86.28:5433/postgres -e GROUPER_AUTO_DDL_UPTOVERSION='v5.*.*' \
+--name my-grouper3 my-grouper3:latest quickstart
+
+# containerPing