What Steps are required to disable EEM via CLI in Spectrum 9.2.2

Document ID : KB000020818
Last Modified Date : 14/02/2018
Show Technical Document Details

Description:

The Knowledge Document TEC525198 describe how to disable EEM via CLI previous 9.2.2.

There is a new procedure to disable EEM since Spectrum 9.2.2.

Solution:

Disable EEM integration in Spectrum 9.2.2 and higher:

  1. Bring down the One Click Tomcat Web Server and close out of any open OneClick client consoles.

  2. In the One Click web server, in the $SPECROOT/custom/ directory rename the sso directory to sso.bak.

  3. Edit the web.xml in the directory $SPECROOT/tomcat/webapps/spectrum/WEB-INF:

    1. Change the following entry:

      <login-config>
      <auth-method> EXTERNALSSO </auth-method>
      <realm-name>SPECTRUM</realm-name>
      </login-config>

      To become:
      <login-config>
      <auth-method> BASIC </auth-method>
      <realm-name>SPECTRUM</realm-name>
      </login-config>


  4. Comment out this entry that should show at the top of the file
    <listener>
    <listener-class>com.aprisma.tomcat.authenticator.ExternalSSOAuth</listener -class>
    </listener>

    To make it:
    <!--
    <listener>
    <listener-class>com.aprisma.tomcat.authenticator.ExternalSSOAuth</listener-class>
    </listener>
    -->


  • Save the changes made to the $SPECROOT/tomcat/webapps/spectrum/WEB-INF/web.xml file.


  • Go to the $SPECROOT/tomcat/conf/context.xml file.

    a. Add this line:
    <Valve className="org.apache.catalina.authenticator.BasicAuthenticator" changeSessionIdOnAuthentication="false" /></Context>

    b. And comment out this line:
    <Valve className="com.aprisma.tomcat.authenticator.ExternalSSOAuth"changeSessionIdOnAuthentication="false" /></Context>

    So that it looks like this:
    <!--
    <Valve className="com.aprisma.tomcat.authenticator.ExternalSSOAuth"changeSessionIdOnAuthentication="false" /></Context>
    -->

  • Save the file changes to the $SPECROOT/tomcat/conf/context.xml file

  • Start the One Click Tomcat Web Server and attempt to log in with a non LDAP account.