Hi guys,
I have to implement a special case of external login with AEM on Publish instance. This is my scenario:
- The authentication system AND the login page are external wrt AEM. The login page is not hosted on AEM
- Every single request is proxied by another system that performs the authentication and augment the request header
- The main assumption is that the requests hitting the Publish instance are already authenticated, i.e. the request header will contain a token and some profile information, including username and profile: customer or manager (we don't want to synch users and groups!)
- AEM will have a few users manually created representing the different profiles: customer or manager; for these users AEM has the permissions on the pages created through AEM
What I would like to implement is:
- Every request hitting the Publish instance, that is anonymous by default, has to be mapped to the correct user on AEM (customer or manager) according to the data into the request header, so that the customer user logged through the external system can see only the pages for which I configured read permission through the User Management console in AEM
Should I use a Sling Filter for achieving this?
Thanks for your help!
