Expand my Community achievements bar.

SOLVED

bypassing SSO for CRX/De

Avatar

Level 2
Level 2
8/12/20 9:51:07 PM

Hi All,

 

We have enabled SSO on AEM Author domain( custom) and it's working fine. For logging into crx/de we use internal domain which is directly pointed to Author and hitting this internal domain we used to get normal crx/de login page without triggering SSO login.

 

However recently something changed and when we hit crx/de domain, it's triggering SSO login screen. Due to this we are not able to access crx/de or packagemanger or ConfigMgr. Even our Adobe CSE not able to login to crx/de using internal domain which is pointed/cnamed to Author IP address directly.

 

Any inputs what changes might have happened to trigger SSO on crx/de? Is there anyway we can disable/delete SAML Authenticator Config object so that we can access crx/de and verify configurations?

 

Thanks. 

 

Views

900

Replies

3
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Community Advisor
Community Advisor
8/13/20 12:34:34 AM

@Antony6790 Can you please share your saml configuration file? OOTB crx/de is not part of Sling security. Mostly you should have changed something dispatcher settings, to route all traffic to path which has SSO enabled. Please validate once.

 

Also please try with "Ip address", which definitely be not part of dispatcher.

 

https://experienceleaguecommunities.adobe.com/t5/adobe-experience-manager/aem-author-saml-integratio...

View solution in original post

Views

889

Replies

2
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
3 Replies

Avatar

Correct answer by
Community Advisor
Community Advisor
8/13/20 12:34:34 AM

@Antony6790 Can you please share your saml configuration file? OOTB crx/de is not part of Sling security. Mostly you should have changed something dispatcher settings, to route all traffic to path which has SSO enabled. Please validate once.

 

Also please try with "Ip address", which definitely be not part of dispatcher.

 

https://experienceleaguecommunities.adobe.com/t5/adobe-experience-manager/aem-author-saml-integratio...

Views

890

Replies

2
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply

Avatar

Level 2
Level 2
8/14/20 7:08:35 AM
In response to Shashi_Mulugu

HI Shashi,

As I'm not able to login to ConfigMgr, cannot get SAML configuration. Tried accessing crx/de with IP address but getting error.

 

Even I think something changed in Dispatcher but not able to find it. 

 

The internal/direct domain for crx/de bypasses Dispatcher so not sure how Dispatcher rules impacts this. So it's strange.

 

We recently updated to SP5 fixpack. Not sure whether this is causing the issue or not.

 

Thanks,

Antony.

Views

861

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Community Advisor
Community Advisor
8/16/20 11:36:36 PM
In response to Shashi_Mulugu
Please try to spin up a local instance with the same configuration, Same AEM version and service packs and then just do SAML configuration without any code deployments and validate.

Views

849

Replies

0
Sign in to like this content

Total Likes

Translate
Translate