I'm running CAS 5.1.2 with SPNEGO configured, now I want to restrict SPNEGO behaviour to certain ip networks on, and provide normal authentication form to others. I tried with following config entry to match 192.168.1.0 - 192.168.99.255:
cas.authn.spnego.ipsToCheckPattern=192\.168\.[1-9][0-9]?\.+
But it seems that SPNEGO is still offered for clients outside that regexp range. What I'm missing, is this right way to establish wanted behaviour?
Br,
Antti