Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
Bedrock Mission!

Learn more

View all

Sign in to view all badges

AEM Authentication to other application authentication via API

Avatar

Level 1

Due to the number of high volume of user login, there is this requirement to not sync the external user into aem. 

AEM -> 3rd party authentication api.

If this is the approach how can i make a login session maintain in aem? can i create a jcr session with sync user over to aem? 

My initial thought will be validate via api then get a successful response then create some kind of http session across the post login, but how can i utilize OOTB AEM login functionality for maintain login session, logout, session timeout and etc. 

4 Replies

Avatar

Level 7

Hi Claven,

I am not very sure if this could be achieved straight forward. Cause even if you use some SAML authentication and wire it with AEM or set up a LDAP for managing users, the moment LDAP or SAML authenticates and pass one user that user is created in the crx.

And talking about http session, even if you place any authentication challenge in front of actual AEM website how and then generate and provide a valid session how are you planning to maintain that?

My best guess is create an authentication challenge in front of actual AEM website and then if the authenticates properly login to AEM with a common user and then maintain that session. On logout redirect to the login page. But the twist is since you are logging in with a common user you wont be able to maintain user specific data, but then again if inside aem there is no user, there wont be any user specific data in crx.

To update user details use webservice to update the DB where your users are present.

 

Thanks

Tuhin

Avatar

Level 1

Thank Tuhin for your response/thoughts, it help very much to keep me thinking further.

If let say im going to use the approach that you propose, if let say currently login user is 1000, which mean 1000 user login into the same user, will aem block from login more than 1 user? 

Avatar

Level 4

Hello Tuhin, Have you tried  the highlighted part.

My best guess is create an authentication challenge in front of actual AEM website and then if the authenticates properly "login to AEM with a common user and then maintain that session"

Regards,

AMN