[MGNLSSO-106] Multiple login handlers Created: 27/Apr/22  Updated: 28/Apr/22  Resolved: 28/Apr/22

Status: Closed
Project: Single Sign On
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Story Priority: Neutral
Reporter: Matt Rajkovic Assignee: Unassigned
Resolution: Duplicate Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
duplicate
duplicates MGNLSSO-84 Ability to use default Magnolia login... Selected
Template:
Acceptance criteria:
Empty
Task DoD:
[ ]* Doc/release notes changes? Comment present?
[ ]* Downstream builds green?
[ ]* Solution information and context easily available?
[ ]* Tests
[ ]* FixVersion filled and not yet released
[ ]  Architecture Decision Record (ADR)
Documentation update required:
Yes
Team: AdminX

 Description   

Goal & problem statement

Plenty of customers report a problem that once they enable the SSO module on their Magnolia installations, they cannot login to their instance if the IdP provider used by SSO becomes temporarily unavailable. All users get completely locked out of the instance, so if there's an urgent need to access the AdminCentral for whatever reason, this is not possible until the IdP is available again.

Let's solve this problem.

Potential approach

lfischer suggests to solve this using multiple login handlers, which allow to use custom IdP provider AND local users at the same time, where local users are configured on the Magnolia instance and serve as a backup login possibility for situations when the IdP used for SSO is not available. 

He already prepared a repo containing support for multiple login handlers: https://git.magnolia-cms.com/users/lfischer/repos/magnolia-sso-extended/browse 

Documentation: https://git.magnolia-cms.com/users/lfischer/repos/magnolia-sso-extended/browse/_extended_docs 

The suggested approach would be to enable support of multiple login handlers (i.e. a custom IdP AND local users) if the customer decides to enable this for emergency situations. This feature could be made part of the core MGNLSSO module. 



 Comments   
Comment by Matt Rajkovic [ 28/Apr/22 ]

Duplicate of https://jira.magnolia-cms.com/browse/MGNLSSO-84 

Generated at Mon Feb 12 10:51:10 CET 2024 using Jira 9.4.2#940002-sha1:46d1a51de284217efdcb32434eab47a99af2938b.