
SOLVED

AEM Dispatcher config for custom authentication handler

Hello,

I have written a custom authentication handler for OIDC based on this one: https://experienceleaguecommunities.adobe.com/t5/adobe-experience-manager-blogs/building-an-aem-cust...
It works locally, but when I deploy it to the cloud instance, the redirect from my auth server back to AEM does not work. I think it is somehow blocked by the dispatcher.
I already whitelisted the URL and parameters in the filters.any, but it still does not work.

Any suggestions would be helpful.

 

# Allow oauth callback
/801 { /type "allow" /url "*/oauth/callback" }
/802 { /type "allow" /method "GET" /query "code=*" }
/803 { /type "allow" /method "GET" /query "state=*" }
2 Replies

Community Advisor

Do you see anything in the dispatcher logs about blocked URLs?

Please check whether the authentication token is being blocked:

/*** { /type "allow" /url "*/oauth/token" }

 

Correct answer by
Level 2

Dear Suresh, thank you for your reply.

I found out that we had a rewrite rule that appended .html to the request, and my auth handler checked for the URL path and skipped the request because of the .html suffix.

I fixed the rewrite condition and now it works:

# Append .html extension to the incoming URL
RewriteCond %{REQUEST_URI} !^/$
RewriteCond %{REQUEST_URI} !^/(apps|bin|etc|home|libs|system|tmp|var|saml_login|api|oauth/callback)
RewriteCond %{REQUEST_URI} !\.(?i:html|txt|xml|json|js|css|gif|jpe?g|png|rar|zip|flv|mov|wma|mp3|avi|swf|mp?g|mp4|webm|webp|pdf|tif|tiff|psd|raw|svg|ttf|woff|woff2|doc|docx|xls|xlsx|pptx|ppt|ico|asc|dwg|dxf|eps|jfif|enc|rfa|rvt|xhtml|igs|dot|edrw|gsm|ifc|xlsm|lcf|adsklib|csv)$
RewriteRule ^/(.*)$ /$1.html [PT,L]
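
The rewrite behaviour described in the accepted answer, as an added example that is not part of the original posts: a Python model of the three RewriteCond lines and the RewriteRule, usable as a regression check for callback paths. The "before" prefix list (the fixed list without oauth/callback), the shortened extension list, the exact-match handler check and the sample URLs are assumptions.

```python
import re
from urllib.parse import urlsplit

# Prefix list from the fixed rule on this page; the "before" list is an
# assumption (the same list without oauth/callback).
FIXED = "apps|bin|etc|home|libs|system|tmp|var|saml_login|api|oauth/callback"
BEFORE = FIXED.replace("|oauth/callback", "")
# Extension list shortened for the example; the page's rule has many more.
EXT = re.compile(r"\.(?i:html|txt|xml|json|js|css|png|pdf)$")


def rewrite(url, prefixes=FIXED):
    """Return the path after the three RewriteCond lines and the RewriteRule."""
    path = urlsplit(url).path  # REQUEST_URI carries no query string
    if path == "/":                                # !^/$
        return path
    if re.search(rf"^/({prefixes})", path):        # !^/(apps|bin|...)
        return path
    if EXT.search(path):                           # !\.(?i:html|...)$
        return path
    return re.sub(r"^/(.*)$", r"/\1.html", path)   # RewriteRule ^/(.*)$ /$1.html


def handler_sees_callback(url, prefixes=FIXED):
    """Hypothetical stand-in for the handler's path check: exact match."""
    return rewrite(url, prefixes) == "/oauth/callback"


# Constructed sample of the redirect back from the auth server.
CALLBACK = "/oauth/callback?code=CONSTRUCTED&state=CONSTRUCTED"

if __name__ == "__main__":
    for label, p in (("before", BEFORE), ("fixed", FIXED)):
        print(label, rewrite(CALLBACK, p), handler_sees_callback(CALLBACK, p))
    # The prefix alternatives have no trailing boundary, so they also match
    # longer paths that merely start with the same characters.
    for sample in ("/content/site/en", "/oauth/callback-other", "/apiary/page"):
        print(sample, "->", rewrite(sample))
```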