Disabling the OpenID client app
OpenID client is a testing app used as a starting point to develop OpenID-enabled Java applications. It’s bundled with standard Crowd distribution and it is deployed by default. However, it’s not required for Crowd or OpenID server to work correctly. OpenID client/server should not be confused with OpenID Connect.
In version 3.6.2, 3.7.1, 4.0.0 Crowd had the OpenID client app disabled from deploying by default. To prevent the OpenID client app from deploying on versions of Crowd before the mentioned above, follow the procedure bellow.
This procedure should also be put as part of your upgrade procedure in case you’re upgrading to any version of Crowd other than 3.6.2, 3.7.1, 4.0.0 or later.
Note regarding DC versions: If you’re running a cluster with more than one node you should perform following procedure on each node.
Before you begin
Check if the OpenID client app is running in your Crowd Tomcat container. With Crowd running, go to:
http://{CROWD_HOST}:{PORT_NUMBER}/openidclient
If the result is HTTP Status 404 - Not Found, it means the OpenID Connect client app is not running in the specified environment.
If you see the OpenID Client app page, proceed with the following steps to disable it.
To disable the OpenID client app
The following procedure will require scheduling a downtime of Crowd.
Stop Tomcat container by running following script:
{CROWD_INSTALL}/stop_crowd.sh
Backup and delete the following file which is responsible for deploying the OpenID client app.
Backup of the file will allow you to reenable the app in the future. Remember that you shouldn’t enable this application on production environment.{CROWD_INSTALL}/apache-tomcat/conf/Catalina/localhost/openidclient.xml
Start Tomcat container by running following script:
{CROWD_INSTALL}/start_crowd.sh
Again, verify that the OpenID client app is disabled. Go to:
http://{CROWD_HOST}:{PORT_NUMBER}/openidclient
You should see HTTP Status 404 - Not Found, which means the app is not running anymore.