Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
Bedrock Mission!

Learn more

View all

Sign in to view all badges

SOLVED

bypassing SSO for CRX/De

Antony6790
Level 2
Level 2

Hi All,

 

We have enabled SSO on AEM Author domain( custom) and it's working fine. For logging into crx/de we use internal domain which is directly pointed to Author and hitting this internal domain we used to get normal crx/de login page without triggering SSO login.

 

However recently something changed and when we hit crx/de domain, it's triggering SSO login screen. Due to this we are not able to access crx/de or packagemanger or ConfigMgr. Even our Adobe CSE not able to login to crx/de using internal domain which is pointed/cnamed to Author IP address directly.

 

Any inputs what changes might have happened to trigger SSO on crx/de? Is there anyway we can disable/delete SAML Authenticator Config object so that we can access crx/de and verify configurations?

 

Thanks. 

 

1 Accepted Solution
Shashi_Mulugu
Correct answer by
Community Advisor
Community Advisor

@Antony6790 Can you please share your saml configuration file? OOTB crx/de is not part of Sling security. Mostly you should have changed something dispatcher settings, to route all traffic to path which has SSO enabled. Please validate once.

 

Also please try with "Ip address", which definitely be not part of dispatcher.

 

https://experienceleaguecommunities.adobe.com/t5/adobe-experience-manager/aem-author-saml-integratio...

View solution in original post

0 Replies
Shashi_Mulugu
Correct answer by
Community Advisor
Community Advisor

@Antony6790 Can you please share your saml configuration file? OOTB crx/de is not part of Sling security. Mostly you should have changed something dispatcher settings, to route all traffic to path which has SSO enabled. Please validate once.

 

Also please try with "Ip address", which definitely be not part of dispatcher.

 

https://experienceleaguecommunities.adobe.com/t5/adobe-experience-manager/aem-author-saml-integratio...

Antony6790
Level 2
Level 2

HI Shashi,

As I'm not able to login to ConfigMgr, cannot get SAML configuration. Tried accessing crx/de with IP address but getting error.

 

Even I think something changed in Dispatcher but not able to find it. 

 

The internal/direct domain for crx/de bypasses Dispatcher so not sure how Dispatcher rules impacts this. So it's strange.

 

We recently updated to SP5 fixpack. Not sure whether this is causing the issue or not.

 

Thanks,

Antony.

Shashi_Mulugu
Community Advisor
Community Advisor
Please try to spin up a local instance with the same configuration, Same AEM version and service packs and then just do SAML configuration without any code deployments and validate.