We understand that we need Service Ranking to invoke services (https://helpx.adobe.com/experience-manager/using/osgi_getting_started.html)
But is there any reason for using specifically "60000" ServiceRanking to invoke a custom authentication handler? We are following this https://helpx.adobe.com/experience-manager/using/twofactor64.html
Hi @surenk ,
When looking for an AuthenticationHandler the authentication handler is selected whose path is the longest match on the request URL. If the service is registered with Scheme and Host/Port, these must exactly match for the service to be eligible. If multiple AuthenticationHandler services are registered with the same length matching path, the handler with the higher service ranking is selected[^ranking].
[^ranking]: Service ranking is defined by the OSGi Core Specification as follows: If multiple qualifying service interfaces exist, a service with the highest service.ranking number, or when equal to the lowest service.id, determines which service object is returned by the Framework.
You can refer this for more details https://sling.apache.org/documentation/the-sling-engine/authentication/authentication-authenticationhandler.html
So the idea is if you are using a custom authentication handler, it should have the highest ranking for it to be executed and hence a high value number, just to make sure it does not collide with any existing service.
You can take a look at
http://localhost:4502/system/console/jaas
This will list all the registered authentication handlers, if your service ranking is lower than any of these, then the one with the highest ranking will be executed.
Instead of 60000, can you please try with 70000 or 99999, in my opinion, it should work too.
Hope this helps!!
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.