AEM Dispatcher config for custom authentication handler

Question

Hello,i have written a custom authentication handler for OIDC based on this one: https://experienceleaguecommunities.adobe.com/t5/adobe-experience-manager-blogs/building-an-aem-custom-authentication-handler-for-okta-openid/ba-p/632257It works locally but when i deploy it to the cloud instance, the redirect from my auth server back to AEM does not work. I think it is somehow blocked by the dispatcher.I already whitelisted the URL and parameters in the filters.any but it still does not work.Any suggestions would be helpful. # Allow oauth callback/801 { /type "allow" /url "*/oauth/callback" }/802 { /type "allow" /method "GET" /query "code=*" }/803 { /type "allow" /method "GET" /query "state=*" }

NiklasCr · Accepted Answer

Dear Suresh, thank you for your reply.I found out that we had a rewrite rule that appended .html to the request and my auth handler checked for the url path and skipped the request because of the .html suffix.I fixed the rewrite condition and now it works:# Append .html extension to the incoming URLRewriteCond %{REQUEST_URI} !^/$RewriteCond %{REQUEST_URI} !^/(apps|bin|etc|home|libs|system|tmp|var|saml_login|api|oauth/callback)RewriteCond %{REQUEST_URI} !\.(?i:html|txt|xml|json|js|css|gif|jpe?g|png|rar|zip|flv|mov|wma|mp3|avi|swf|mp?g|mp4|webm|webp|pdf|tif|tiff|psd|raw|svg|ttf|woff|woff2|doc|docx|xls|xlsx|pptx|ppt|ico|asc|dwg|dxf|eps|jfif|enc|rfa|rvt|xhtml|igs|dot|edrw|gsm|ifc|xlsm|lcf|adsklib|csv)$RewriteRule ^/(.*)$ /$1.html [PT,L]

SureshDhulipudi · Answer

do you see anything in dispatcher logs about blocked URLs? Please check authentication token is blocking:/*** { /type "allow" /url "*/oauth/token" }

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded