Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
Bedrock Mission!

Learn more

View all

Sign in to view all badges

AEM 6.2 - External login

boser87
Level 4
Level 4

Hi guys,

I have to implement a special case of external login with AEM on Publish instance. This is my scenario:

  • The authentication system AND the login page are external wrt AEM. The login page is not hosted on AEM
  • Every single request is proxied by another system that performs the authentication and augment the request header
  • The main assumption is that the requests hitting the Publish instance are already authenticated, i.e. the request header will contain a token and some profile information, including username and profile: customer or manager (we don't want to synch users and groups!)
  • AEM will have a few users manually created representing the different profiles: customer or manager; for these users AEM has the permissions on the pages created through AEM

What I would like to implement is:

  • Every request hitting the Publish instance, that is anonymous by default, has to be mapped to the correct user on AEM (customer or manager) according to the data into the request header, so that the customer user logged through the external system can see only the pages for which I configured read permission through the User Management console in AEM

Should I use a Sling Filter for achieving this?

 

Thanks for your help!

0 Replies
smacdonald2008
Level 10
Level 10

Checking this with the internal AEM team.  I am not seeing any docs on this to guide you on this use case. 

boser87
Level 4
Level 4
        That would be awesome. Thanks Scott!
boser87
Level 4
Level 4
        Hi MC Stuff and thanks for your reply! Do you think that the SSO approach is suitable for Publish instance too? And do you think that that would allow me to map to incoming group information on the request to one of the two users in AEM?
MC_Stuff
Level 9
Level 9

Hi Tony,

   It applies for publish instance also.  In case you have more than one publish instance and group information in request clearing on subsequent requests then enable encapsulated token support. https://docs.adobe.com/docs/en/aem/6-1/administer/security/encapsulated-token.html

 

Thanks,

a_mn1
Level 4
Level 4

Hi, Could you please let me know how did u achieve this. I do have a very similar requirement.

Regards,

Anand MN

ian0422my
Level 1
Level 1

hi,

 

i have the same requirement. Did anyone manage to find a solution for this?

 

regards

 

ian