Expand my Community achievements bar.

Don’t miss the AEM Skill Exchange in SF on Nov 14—hear from industry leaders, learn best practices, and enhance your AEM strategy with practical tips.
Read More & Register today!
SOLVED

AEM Dispatcher config for custom authentication handler

Avatar

Level 2
Level 2
10/7/24 2:08:52 AM

Hello,

i have written a custom authentication handler for OIDC based on this one: https://experienceleaguecommunities.adobe.com/t5/adobe-experience-manager-blogs/building-an-aem-cust...
It works locally but when i deploy it to the cloud instance, the redirect from my auth server back to AEM does not work. I think it is somehow blocked by the dispatcher.
I already whitelisted the URL and parameters in the filters.any but it still does not work.

Any suggestions would be helpful.

 

# Allow oauth callback
/801 { /type "allow" /url "*/oauth/callback" }
/802 { /type "allow" /method "GET" /query "code=*" }
/803 { /type "allow" /method "GET" /query "state=*" }

Views

209

Replies

2
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Level 2
Level 2
10/8/24 12:03:38 AM
In response to SureshDhulipudi

Dear Suresh, thank you for your reply.

I found out that we had a rewrite rule that appended .html to the request and my auth handler checked for the url path and skipped the request because of the .html suffix.

I fixed the rewrite condition and now it works:

# Append .html extension to the incoming URL
RewriteCond %{REQUEST_URI} !^/$
RewriteCond %{REQUEST_URI} !^/(apps|bin|etc|home|libs|system|tmp|var|saml_login|api|oauth/callback)
RewriteCond %{REQUEST_URI} !\.(?i:html|txt|xml|json|js|css|gif|jpe?g|png|rar|zip|flv|mov|wma|mp3|avi|swf|mp?g|mp4|webm|webp|pdf|tif|tiff|psd|raw|svg|ttf|woff|woff2|doc|docx|xls|xlsx|pptx|ppt|ico|asc|dwg|dxf|eps|jfif|enc|rfa|rvt|xhtml|igs|dot|edrw|gsm|ifc|xlsm|lcf|adsklib|csv)$
RewriteRule ^/(.*)$ /$1.html [PT,L]

View solution in original post

Views

121

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
2 Replies

Avatar

Community Advisor
Community Advisor
10/7/24 6:18:54 AM

do you see anything in dispatcher logs about blocked URLs?

 

Please check authentication token is blocking:

/*** { /type "allow" /url "*/oauth/token" }

 

Views

164

Replies

1
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Correct answer by
Level 2
Level 2
10/8/24 12:03:38 AM
In response to SureshDhulipudi

Dear Suresh, thank you for your reply.

I found out that we had a rewrite rule that appended .html to the request and my auth handler checked for the url path and skipped the request because of the .html suffix.

I fixed the rewrite condition and now it works:

# Append .html extension to the incoming URL
RewriteCond %{REQUEST_URI} !^/$
RewriteCond %{REQUEST_URI} !^/(apps|bin|etc|home|libs|system|tmp|var|saml_login|api|oauth/callback)
RewriteCond %{REQUEST_URI} !\.(?i:html|txt|xml|json|js|css|gif|jpe?g|png|rar|zip|flv|mov|wma|mp3|avi|swf|mp?g|mp4|webm|webp|pdf|tif|tiff|psd|raw|svg|ttf|woff|woff2|doc|docx|xls|xlsx|pptx|ppt|ico|asc|dwg|dxf|eps|jfif|enc|rfa|rvt|xhtml|igs|dot|edrw|gsm|ifc|xlsm|lcf|adsklib|csv)$
RewriteRule ^/(.*)$ /$1.html [PT,L]

Views

122

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
Related Conversations
I want to disable the delete copy move and all the other options for the child components Solved

Views

140

Likes

0

Replies

5
Reg: Video Smartcrops in AEM 6.5

Views

48

Likes

0

Replies

1
Custom index in AEMaaCS environment appeared like it might be causing problem with OOTB query, but updating the index didn't fix it

Views

147

Likes

0

Replies

9
how to implement nonce for Content-Security-Policy script-src directive in dispatcher

Views

95

Likes

0

Replies

2
Ability to preview or thumbnail to preview for XF

Views

87

Likes

0

Replies

2