How to revert back to "Basic Authentication" from CAC Authentication.
search cancel

How to revert back to "Basic Authentication" from CAC Authentication.


Article ID: 31062


Updated On:


CA Spectrum


Setting up CAC (Common Access Card Authentication) initially can be a bit challenging if you don’t have all the pieces “just right”. The same is true of attempting to reverse the process. Several manual steps must be executed to revert the Spectrum installation to use “Basic Authentication”.




The following steps can be used to revert the OC setup back to the initial non-CAC configuration:

1.   Stop the OC Server. This can be done by any of the following approaches:
  1.  Killing the process
  2. Executing “$SPECROOT/tomcat/bin/
  3. Executing “net stop SpectrumTomcat” on Windows

2.  Edit the file $SPECROOT/tomcat/conf/server.xml and re-comment the section that was uncommented when configuring CAC initially. This is related to <Connector port=”443” …

3.  Edit the file $SPECROOT/tomcat/conf/context.xml and change the following line from:
  1. <Valve className="com.aprisma.tomcat.authenticator.CACAuth" changeSessionIdOnAuthentication="false" />    to
  2. <Valve className="org.apache.catalina.authenticator.BasicAuthenticator" changeSessionIdOnAuthentication="false" />

4.  Restoring the original file in Spectrum/tomcat/webapps/spectrum/WEB-INF/web.xml by executing the script in: $SPECROOT/Install-Tools/

5. Restore the  file, cac-system-config.xml, by executing:
  1. cp $SPECROOT/tomcat/webapps/spectrum/WEB-INF/cac/config/cac-system-config.xml $SPECROOT/custom/cac/config/cac-system-config.xml

6. Restart the web server and check the log for any errors to ensure all steps have been done correctly.

Additional Information

Please reference the "Common Access Card Authentication" section of the documentation for more information.