Details
-
Story
-
Resolution: Duplicate
-
Neutral
-
None
-
None
-
None
-
None
-
-
Empty show more show less
-
Yes
Description
Goal & problem statement
Plenty of customers report a problem that once they enable the SSO module on their Magnolia installations, they cannot login to their instance if the IdP provider used by SSO becomes temporarily unavailable. All users get completely locked out of the instance, so if there's an urgent need to access the AdminCentral for whatever reason, this is not possible until the IdP is available again.
Let's solve this problem.
Potential approach
lfischer suggests to solve this using multiple login handlers, which allow to use custom IdP provider AND local users at the same time, where local users are configured on the Magnolia instance and serve as a backup login possibility for situations when the IdP used for SSO is not available.
He already prepared a repo containing support for multiple login handlers: https://git.magnolia-cms.com/users/lfischer/repos/magnolia-sso-extended/browse
Documentation: https://git.magnolia-cms.com/users/lfischer/repos/magnolia-sso-extended/browse/_extended_docs
The suggested approach would be to enable support of multiple login handlers (i.e. a custom IdP AND local users) if the customer decides to enable this for emergency situations. This feature could be made part of the core MGNLSSO module.
Checklists
Attachments
Issue Links
- duplicates
-
MGNLSSO-84 Ability to use default Magnolia login as well as SSO login
-
- Selected
-