Adobe Experience Manager Sites & More

Faizaan_Shaikh · 9/14/17

Hello Folks,

We have a scenario where user has login-token cookie set in browser and users request hits the publish node where corresponding token is not available because publish node which actually had that token is down.

Below are two issues we are observing..

Users requests is getting redirected to login page even though when he tries to access publicly accessible non secure page example homepage of website.
Redirected login page is also getting 403 Access denied response with Authentication Failed as response text

Below are logs when user with login-token cookie tries to access public non secure page example homepage..

Below are logs when user with login-token cookie is redirected to login page which gets 403 access denied with Authentication Failed response text:

Any idea how we can avoid 403 response for login page redirect, as per logs there is some misconfiguration or login page is not accessible but seems login page configured is publicly accessible.

Please note if we remove login-token cookie from browser and access login page it is accessible as expected.

Appreciate any help or pointers to possible misconfiguration

Thanks,

Faizaan Shaikh

smacdonald2008 · 9/14/17

I do not think Cookies is the best way to use login functionality with AEM. If you want uses to login - you should write a login component that requires them to enter credentials.

Faizaan_Shaikh · 9/14/17

Hi smacdonald2008 - yes we have login page where user enters credentials and after authentication login-token cookie is set, issue is that if token has been expired in AEM and user requests page with cookie set in browser it returns 403 even for public pages like homepage and login page.

Thanks,

Faizaan Shaikh

Adobe Experience Manager Sites & More

Access denied for page when login-token cookie is set in browser

Learn

Documentation

Community

Support

Resources

Adobe account

Adobe