This guideline list out steps to disable SSO module version 3.1.1. Changes may happen in the future which may affect removing steps.
Step-by-step guide to disable SSO module
- Use Groovy app to run remove SSO module Groovy scriptRemove SSO module script
session = ctx.getJCRSession('config') session.getNode('/server/security/userManagers/sso-authentication').remove() session.getNode('/server/filters/servlets/SSOCallbackServlet').remove() session.getNode('/server/filters/securityCallback/clientCallbacks/magnolia-sso').remove() session.getNode('/server/filters/logout').setProperty('class', 'info.magnolia.cms.security.LogoutFilter') session.getNode('/server/filters/login').setProperty('class', 'info.magnolia.cms.security.auth.login.LoginFilter') session.save()
- If you configured your "jaas.config" like below, you won't have to restart the instance. Basically we can have multiple login modules configured there:JAAS config
magnolia { // ensure user is who he claims he is (check pwd for the user) info.magnolia.jaas.sp.jcr.JCRAuthenticationModule requisite; // retrieve users ACLs info.magnolia.jaas.sp.jcr.JCRAuthorizationModule required; }; sso-authentication { info.magnolia.sso.jaas.SsoAuthenticationModule requisite skip_on_previous_success=true; info.magnolia.jaas.sp.jcr.JCRAuthorizationModule required; };
- Last step - optional:
In order to remove SSO module from the bundle, if you just want to completely remove it.
Open project "pom.xml" file and remove SSO module dependency. Rebuild and restart instance.
<!-- <dependency> <groupId>info.magnolia.sso</groupId> <artifactId>magnolia-sso</artifactId> <version>${magnolia-sso.version}</version> </dependency> -->
Note:
We will not remove '/modules/magnolia-sso' ( or '/modules/sso' in an older version) configuration point, so that in case customer restart the instance without removing the module, it would not be installed again.
Re-enable SSO module
Remove '/modules/magnolia-sso' ( or '/modules/sso' in an older version) configuration point and restart the instance (without removing its dependency in "pom.xml") will trigger module installation. This will bring back SSO module using your previous configured information.
Related articles