How to revert back to "Basic Authentication" from CAC Authentication.

Document ID : KB000031062
Last Modified Date : 14/02/2018
Show Technical Document Details

Setting up CAC (Common Access Card Authentication) initially can be a bit challenging if you don’t have all the pieces “just right”. The same is true of attempting to reverse the process. Several manual steps must be executed to revert the Spectrum installation to use “Basic Authentication”.

Procedure

The following steps can be used to revert the OC setup back to the initial non-CAC configuration:

1.   Stop the OC Server. This can be done by any of the following approaches:

a.        Killing the process

b.      Executing “$SPECROOT/tomcat/bin/stopTomcat.sh

c.       Executing “net stop SpectrumTomcat” on Windows

2.  Edit the file $SPECROOT/tomcat/conf/server.xml and re-comment the section that was uncommented when configuring CAC initially. This is related to <Connector port=”443” …

3.  Edit the file $SPECROOT/tomcat/conf/context.xml and change the following line from:

a.       <Valve className="com.aprisma.tomcat.authenticator.CACAuth" changeSessionIdOnAuthentication="false" />    to

b.      <Valve className="org.apache.catalina.authenticator.BasicAuthenticator" changeSessionIdOnAuthentication="false" />

4.  Restoring the original file in Spectrum/tomcat/webapps/spectrum/WEB-INF/web.xml by executing the script in: $SPECROOT/Install-Tools/createwebxml.sh

5. Restore the  file, cac-system-config.xml, by executing:

a.       cp $SPECROOT/tomcat/webapps/spectrum/WEB-INF/cac/config/cac-system-config.xml $SPECROOT/custom/cac/config/cac-system-config.xml

6. Restart the web server and check the log for any errors to ensure all steps have been done correctly.

 

For more information about CAC and how it works, please see the wiki documentation at https://wiki.ca.com/display/CASP10/Common+Access+Card+Authentication .