The following are the steps to disable CAC in Spectrum.
Release: Any version of Spectrum integrated with CAC
Component:
The following steps can be used to revert the OneClick setup back to the initial non-CAC configuration:
1. Stop the OneClick Server. This can be done by any of the following approaches:
a. Executing “$SPECROOT/tomcat/bin/stopTomcat.sh
b. Executing “net stop SpectrumTomcat” on Windows
c. Killing the process
2. Edit the file $SPECROOT/tomcat/conf/server.xml and change clientAuth to false in the https connector
<!-- Define a SSL Coyote HTTP/1.1 Connector on port 8443 -->
<Connector
port="8443"
enableLookups="true" disableUploadTimeout="true" tcpNoDelay="true"
acceptCount="100" scheme="https" secure="true" SSLEnabled="true"
clientAuth="false" sslProtocol="TLS"
sslEnabledProtocols="TLSv1.2"
ciphers="TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256"
keystoreFile="custom/keystore/cacerts"
keystorePass="changeit">
</Connector>
3. Edit the file $SPECROOT/tomcat/conf/context.xml and change the following line from:
<Valve className="com.aprisma.tomcat.authenticator.CACAuth" changeSessionIdOnAuthentication="false" />
-TO-
<Valve className="org.apache.catalina.authenticator.BasicAuthenticator" changeSessionIdOnAuthentication="false" />
4. Restoring the original file in Spectrum/tomcat/webapps/spectrum/WEB-INF/web.xml by executing the script:
$SPECROOT/Install-Tools/createwebxml.sh
5. Restore the file, cac-system-config.xml, by executing:
cp $SPECROOT/tomcat/webapps/spectrum/WEB-INF/cac/config/cac-system-config.xml $SPECROOT/custom/cac/config/cac-system-config.xml
6. Restart the web server and check the log for any errors to ensure all steps have been done correctly.
Note: These steps have been tested only on a Windows OneClick Server. Instructions and procedures may vary on other operating systems.