If your admin MT without RSSO is always going to hit one particular AR server (1 MT admin, without RSSO integration)
1 MT userfacing, with RSSO kerberos integration is not going to hit above AR server
You can disable RSSO on that AR server, I can tell you how if you confirm above ☺ (can tell even otherwise ☺ just that its pretty late here)
In real we use two ar server, both with RSSO integration. The one ar serve above ist the standby ar server if the first user facing ar is down. Therefore both ar server needs the RSSO integration.
before new cmdb ui it was a simple working configuration with 4 servers. Since jetty server for user actions it seems i need an additional ar admin server without rsso integration?! I like this jetty for user part less and less.
Hi, Raj Hiremath
You want to tell me that I can't use an Ar Admin server with the new jetty integration as a fallback userfacing server if the other user facing Ar server(s) works with RSSO? Otherwise it is impossible to work with the jetty web server as an admin user?
As a result, I can no longer use the existing infrastructure efficiently and therefore I need another Ar server with all the necessary administration work.
Am I understanding you correctly?
May be there is gap in my understanding,
Here is what I can say :
It is possible to disable RSSO even if it is configured for AR(Jetty)
skip-filter set to true
It is possible to disable few URLs not to use RSSO
Open rsso-agent.properties file
After |/servlet/LicenseReleaseServlet.*, add following text and save the file
/api/jwt/login* (or any other url)
No restart required.
Regarding to "It is possible to disable few URLs not to use RSSO"
is it possible to exclude full URL??
If i configured RSSO authentication with kerberos but i need to exclude specific full URL from RSSO authentication, can i accomplish this by using the setting you mentioned in your reply?
if yes, what the format that should be set?