How to authenticate users on clustered instances when they have just logged inside one of the publishers.

Question

Hi,We have a requirement where we want users to be logged in for a very long duration on publishers, so they don't have to login again. I have written a custom authentication handler which takes care of modifying the cookie and token duration (i.e. it resets the .token.exp node value based on the users preference). I was thinking of reverse replicating these tokens to other publishers but it seem like they are not being picked up by the publisher for reverse replication because the name of the node is .tokens (contains a dot in front), i don't know if this was done by Adobe for security. How can i achieve this requirement. Any help is appreciated.I know it is a security risk to keep them logged in but this what the client wants. We are using sticky session but duration for which users would be logged in is quite high and we can't just force them to go on the same instance every single time. We need to authenticate them on the other publisher without having to login.Thanks

Sham_HC · Accepted Answer

Use sso for your usecase http://docs.adobe.com/docs/en/cq/current/deploying/single_sign_on.html

Anonymous · Answer

Sham HC wrote... Use sso for your usecase http://docs.adobe.com/docs/en/cq/current/deploying/single_sign_on.html Hi Sham,Thanks for your response.If i do something like header based authentication and pass the cookie within the header will it be recognized on the other publisher where the token hasn't been created. I mean login-token cookie would be my preferred approach to do this authentication and we are using that in one of our classes along with form based authentication but wouldn't this authentication be rejected if the token is not present on the other publisher. I don't want to use userid for authentication, i want to user the token for this.Thanks

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded