Expand my Community achievements bar.

Guidelines for the Responsible Use of Generative AI in the Experience Cloud Community.
SOLVED

AEM - Deliver protected pages with Salesforce authentication

Avatar

Level 2

-  Hello team,

 

Please suggest how to implement the below requirement in AEM as a cloud service.

 

1. Few pages in AEM should be protected and should be accessed only after authentication

2. When end users accessing the protected page they should be shown a Salesforce login page

3. Once users logs in successfully with their salesforce account, then the page should be shown.

 

Salesforce have the oAuth setup as mentioned in https://help.salesforce.com/articleView?id=sf.remoteaccess_oauth_web_server_flow.htm&type=5

 

I went through some of the docs related to AEM and salesforce integration but not getting the steps on how to achieve it. Any pointers or suggestions will be helpful

 

@AEM @Salesforce @SalesforceAdmin @oauth 

Topics

Topics help categorize Community content and increase your ability to discover relevant content.

1 Accepted Solution

Avatar

Correct answer by
Community Advisor

Hi, To achieve this you need to implement the custom login handler -

1. Creates a Sling Filter which initial salesforce login when the protected page is accessed, the requested page can be stored in cookie to redirect user to the page after login

2. When user is on the salesforce login page, defined a callback url which creates a login/session/or allow the user to the page based on salesforce login cookie/corresponding login cookie.

3. Once session is validated, allow user to access the page. 

You can achieve the same with the front end logic also. 



Arun Patidar

View solution in original post

8 Replies

Avatar

Correct answer by
Community Advisor

Hi, To achieve this you need to implement the custom login handler -

1. Creates a Sling Filter which initial salesforce login when the protected page is accessed, the requested page can be stored in cookie to redirect user to the page after login

2. When user is on the salesforce login page, defined a callback url which creates a login/session/or allow the user to the page based on salesforce login cookie/corresponding login cookie.

3. Once session is validated, allow user to access the page. 

You can achieve the same with the front end logic also. 



Arun Patidar

Avatar

Level 2

Hi Arun,

 

So far I am looking into approach as mentioned in https://www.albinsblog.com/2020/05/social-login-with-linkedin-adobe-experience-manager-aem.html#.YGC...

It is using LinkedIn Sign in and I am looking to do the same for Salesforce.

 

Please let me know your thoughts on this and how it is different from using Sling Filters.

Avatar

Community Advisor
Hi, I shared the idea how to implement a custom auth similar to linked in, It is depends on the end point(Salesforce) what kind of Authentication it supports. but the article you have shared will also do the same for for linked in. you can use this as a reference.


Arun Patidar

Avatar

Level 2

Hi Arun,

 

As we followed the linked shared above to check the integration with LinkedIn via AEM oauth services.https://www.albinsblog.com/2020/05/social-login-with-linkedin-adobe-experience-manager-aem.html#.YGR....

 

Thou we followed given steps.. After we hit the call back AEM Login URl : http://localhost:4503/callback/j_security_check?configid=linkedin.

It redirects the call to AEM default WKND home page .Where as per document it should bring the linked in Login Screen,

 

With the AEM publish error logs we get the below : 

06.04.2021 11:20:35.642 *INFO* [qtp1858622664-594] com.adobe.granite.auth.oauth.impl.OAuthCallbackFilter doFilter: OAuth authorization request without parameters, redirecting to /

 

Can you help us here what request params is still missing even after we have send 3 key params in service( created in Linkedin developer account) ( Client_id, client_secret, scope)

Avatar

Community Advisor
Hi, The callback url should be redirect from linkedin, you need to hit a AEM page which redirect to linked login and once you enter credentials then callback url will be triggered from linked in.


Arun Patidar

Avatar

Level 2
Hi Arun , with your comments above I understand we should hit http://localhost:4503/content/wknd/us/en/magazine/ski-touring.html somthing like this , and the expectation is to get redirected to linkedin asking for authentication ... If ryt until then ... with this as I hit the wknd page url I see the content showing up dint ask for any authentication.. what are we missing here. we are unable to crack the reason for not getting linked in login screen

Avatar

Community Advisor

hey, you need to configure login url on the page as mentioned

Now the configurations are ready, let us initiate the login – access http://localhost:4503/j_security_check?configid=linkedin from browser(in real scenario you can enable a link or button pointing to this URL). This will take the user to LinkedIn login screen



Arun Patidar

Avatar

Level 5

Hi @selvendranr9588 

i have similar requirement, wanted to check if yours was achieved with steps @arunpatidar shared