Hello Folks,
We have a scenario where user has login-token cookie set in browser and users request hits the publish node where corresponding token is not available because publish node which actually had that token is down.
Below are two issues we are observing..
Below are logs when user with login-token cookie tries to access public non secure page example homepage..
Below are logs when user with login-token cookie is redirected to login page which gets 403 access denied with Authentication Failed response text:
Any idea how we can avoid 403 response for login page redirect, as per logs there is some misconfiguration or login page is not accessible but seems login page configured is publicly accessible.
Please note if we remove login-token cookie from browser and access login page it is accessible as expected.
Appreciate any help or pointers to possible misconfiguration
Thanks,
Faizaan Shaikh
Views
Replies
Total Likes
I do not think Cookies is the best way to use login functionality with AEM. If you want uses to login - you should write a login component that requires them to enter credentials.
Views
Replies
Total Likes
Hi smacdonald2008 - yes we have login page where user enters credentials and after authentication login-token cookie is set, issue is that if token has been expired in AEM and user requests page with cookie set in browser it returns 403 even for public pages like homepage and login page.
Thanks,
Faizaan Shaikh
Views
Replies
Total Likes