This guideline list out steps to disable SSO module version 3.1.1. Changes may happen in the future which may affect removing steps.
Step-by-step guide to disable SSO module
- Use Groovy app to run remove SSO module Groovy scriptRemove SSO module script
session = ctx.getJCRSession('config') session.getNode('/server/security/userManagers/sso-authentication').remove() session.getNode('/server/filters/servlets/SSOCallbackServlet').remove() session.getNode('/server/filters/securityCallback/clientCallbacks/magnolia-sso').remove() session.getNode('/server/filters/logout').setProperty('class', 'info.magnolia.cms.security.LogoutFilter') session.getNode('/server/filters/login').setProperty('class', 'info.magnolia.cms.security.auth.login.LoginFilter') session.save()
- If you configured your "jaas.config" like below, you won't have to restart the instance. Basically we can have multiple login modules configured there:JAAS config
magnolia { // ensure user is who he claims he is (check pwd for the user) info.magnolia.jaas.sp.jcr.JCRAuthenticationModule requisite; // retrieve users ACLs info.magnolia.jaas.sp.jcr.JCRAuthorizationModule required; }; sso-authentication { info.magnolia.sso.jaas.SsoAuthenticationModule requisite skip_on_previous_success=true; info.magnolia.jaas.sp.jcr.JCRAuthorizationModule required; };
- Last step - optional:
In order to remove SSO module from the bundle, if you just want to completely remove it.
Open project "pom.xml" file and remove SSO module dependency. Rebuild and restart instance.
<!-- <dependency> <groupId>info.magnolia.sso</groupId> <artifactId>magnolia-sso</artifactId> <version>${magnolia-sso.version}</version> </dependency> -->
Note:
We will not remove '/modules/sso' configuration point, so that in case customer restart the instance without removing the module, it would not be installed again.
Re-enable SSO module
Remove '/modules/sso' configuration point and restart the instance (without removing its dependency in "pom.xml") will trigger module installation. This will bring back SSO module using your previous configured information.
Related articles