SDL strongly recommends against disabling OAuth authentication, especially in a production environment. OAuth authentication is set up to work out of the box, so only disable it if you have a pressing reason to do so. OAuth authentication must be switched on everywhere, or switched off everywhere.
Procedure
- In the configuration location of every Content Delivery microservice, open cd_ambient_conf.xml, the Ambient Data Framework configuration file, for editing.
- In each file, in the
Security element, set OAuthEnabled to false, and ensure that the Rules element has an Enabled attribute set to false.
- Repeat until you have disabled OAuth and rules in all Content Delivery microservices.
- In the configuration location every Content Delivery Java/JSP client or API, open cd_client_conf.xml, the client configuration file, for editing.
- In each file, comment out the
TokenService element, then save and close cd_client_conf.xml.
- Repeat until you have commented out the Token Service element in all Content Delivery Java/JSP clients and APIs.
- If you use UGC, in the UGC Community Service's configuration location, open cd_ambient_conf.xml for editing and uncomment the following fragment:
<WhiteList>
<IPAddresses>
<Ip>0.0.0.0-255.255.255.255</Ip>
</IPAddresses>
</WhiteList>
- Save and close cd_ambient_conf.xml.
- Restart the Discovery Service:
- If the Discovery Service runs as a Windows service from the Start menu, enter services.msc to open your Services screen, find the item called SDL Web Discovery Service, right-click it and select Restart from the context menu.
- If the Discovery Service runs as a Java process, find the process (listed as Java (TM) Platform SE binary in Windows Task Manager) and restart it.
- Restart all other microservices, which are identifiable by the following Windows service names:
- UDP Cache Service
- UDP UGC Community Service
- UDP Content Service
- UDP Deployer Service
- UDP Context Service
- UDP Contextual Image Delivery Service
- Restart all clients and APIs.