Expand my Community achievements bar.

SOLVED

AEM 6.1 com.adobe.granite.auth.saml.SamlAuthenticationHandler extend question

Avatar

Community Advisor
Community Advisor
11/19/15 7:12:07 AM

In pre AEM 6.0 com.adobe.granite.auth.saml.SamlAuthenticationHandler was provided by the Adobe Granite - SAML 2.0 Authentication Handlercom.adobe.granite.auth.saml

Exported Packages

com.adobe.granite.auth.saml,version=0.1.18
com.adobe.granite.auth.saml.binding,version=0.1.18
com.adobe.granite.auth.saml.configuration,version=0.1.18
com.adobe.granite.auth.saml.model,version=0.1.18

Now, in AEM 6.1 this is no longer being exported nor provided via the same package

Exported Packages

com.adobe.granite.auth.saml.configuration,version=1.0.0
com.adobe.granite.auth.saml.model,version=0.3.0
com.adobe.granite.auth.saml.model.xml,version=0.3.0
com.adobe.granite.auth.saml.util,version=1.0.0
com.adobe.granite.auth.saml.util.io,version=0.2.4

This is clearly marked in both obfuscated uber jar and system/console.

How/what should be extended to provide additional logic during /saml_login ?

Thanks,

Peter

Views

1.5K

Replies

6
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Level 10
Level 10
11/19/15 11:53:26 AM

1,2 achievable with oob & not sure why custom implementation is required there. 

3:-   COuld not understand.

4:-  you can do it using filter.

5:-   update the cookie saml_request_path value to what ever url you need dynamically & do not need to depond on samlauthenticationhandler.

View solution in original post

Views

817

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
6 Replies

Avatar

Level 10
Level 10
11/19/15 7:27:09 AM

I am looking for the reason within Adobe. Someone will post the reason. 

Views

804

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Community Advisor
Community Advisor
11/19/15 7:33:15 AM

Thank you Sir !

 

Looking forward for the reason.

Thanks,

Peter

Views

833

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 10
Level 10
11/19/15 7:44:57 AM

In aem5x it was standalone and in aem6x it is factory that is you can configure multiple handler.    Can you please tell your business case for extend & there may be otherways to extend.

Views

817

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Community Advisor
Community Advisor
11/19/15 8:36:02 AM

Hi Sham,

Thank you for your reply,

Business case:

  1. User presense is checked with other systems(if user is present, only then authentication can happen successfully).
  2. User data is being loaded in AEM from other systems(user data is saved in CRX).
  3. IdpConfiguration is being changed
  4. Cookie manipulations are being performed.(cookies are set && refreshed)
  5. User is redirected to the most appropriate url during the login process.

Thanks,

Peter

Views

824

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Correct answer by
Level 10
Level 10
11/19/15 11:53:26 AM

1,2 achievable with oob & not sure why custom implementation is required there. 

3:-   COuld not understand.

4:-  you can do it using filter.

5:-   update the cookie saml_request_path value to what ever url you need dynamically & do not need to depond on samlauthenticationhandler.

Views

818

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply

Avatar

Community Advisor
Community Advisor
11/20/15 7:02:18 AM

Hi Sham,

Ours is a multisite project and upon user login we derive the user home page based upon his user registration details. We keep the user registration details in DB. So after user log in our program connects to DB and fetch the user details and derive the user home page and then redirect the user to the respective home page. Now, if we will use default SAMLAuthentication handler then it asks for the default redirect URL and redirects the user to that url after login which we don't want. That's why we have extended SAMLAuthenticationHandler and overridden the authenticationSucceeded method by which we are not letting default SAMLAuthentication handler to redirect. Default SAMLAuthentication handler does the job of parsing SAML,creating CRX user and CRX session e.t.c and our class which is extended SAMLAuthentication handler is doing the job of fetching the user profile details and deriving the home page and then doing the redirect.  hope it answers your question.

Yes, we can't set our home page URL in Saml_request_path cookie as this cookie is getting created if user has bookmarked an URL and it doesn't have the active session in the browser then SAMLAuthentication handler redirects the user to IDP and creates a saml_request_path cookie by keeping that bookmarked url as the cookie value. 

Thanks,

Peter

Views

877

Replies

0
Sign in to like this content

Total Likes

Translate
Translate