How to disable CJOC authorization in CJE?


  • Changes to Identity Management Provider have locked out access to CJOC
  • No access to CJOC



Authentication for CJOC can be removed, if needed, by editing the config.xml file. However, in CJE additional steps are needed to ensure that changes are saved and restart is handled correctly.

1) Connect to the worker

First, on the bastion host, run cje run find-worker-for cjoc to find out in which worker the container is running. In the following example it would be worker-2 for CJOC. Then connect into the worker with

dna connect worker-2

2) Disable Security

  • Go to /mnt/cjoc/<containerid> in the file system and find config.xml file.
  • Open config.xml file in the vi editor.
  • Look for the <useSecurity>true</useSecurity> element in this file.
  • Replace true with false.
  • Save the changes and exit.

4) Restart CJOC

  • Restart the CJOC container, i.e. on the bastion host run - dna stop cjoc and dna start cjoc.

Have more questions?


  • 0
    Eric Long

    How do you find the TENANT_ID ?


  • 0
    Baptiste Mathus

    Not sure what you want, but in case your goal is to log into a given tenant, you can use the following

    cje run ssh-into-tenant cjoc

    For cjoc, it will always be named as such. For other tenants, you can list all applications using

    $ cje run list-applications
    elasticsearch.jce : worker-23
    cjoc.jce : worker-23
    castle.jce : worker-23
    palace.jce : worker-23
    e-commerce.teams.masters : worker-23
    digital-marketing.teams.masters : worker-23
    ux-team.teams.masters : worker-23
    supply-chain.teams.masters : worker-23

    And then take the part before the last dot as the tenant name. For instance above it would be e-commerce.teams, etc.

Please sign in to leave a comment.