Expand my Community achievements bar.

SOLVED

AEM Dispatcher config for custom authentication handler

Avatar

Level 2
Level 2
10/7/24 2:08:52 AM

Hello,

i have written a custom authentication handler for OIDC based on this one: https://experienceleaguecommunities.adobe.com/t5/adobe-experience-manager-blogs/building-an-aem-cust...
It works locally but when i deploy it to the cloud instance, the redirect from my auth server back to AEM does not work. I think it is somehow blocked by the dispatcher.
I already whitelisted the URL and parameters in the filters.any but it still does not work.

Any suggestions would be helpful.

 

# Allow oauth callback
/801 { /type "allow" /url "*/oauth/callback" }
/802 { /type "allow" /method "GET" /query "code=*" }
/803 { /type "allow" /method "GET" /query "state=*" }

Views

229

Replies

2
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Level 2
Level 2
10/8/24 12:03:38 AM
In response to SureshDhulipudi

Dear Suresh, thank you for your reply.

I found out that we had a rewrite rule that appended .html to the request and my auth handler checked for the url path and skipped the request because of the .html suffix.

I fixed the rewrite condition and now it works:

# Append .html extension to the incoming URL
RewriteCond %{REQUEST_URI} !^/$
RewriteCond %{REQUEST_URI} !^/(apps|bin|etc|home|libs|system|tmp|var|saml_login|api|oauth/callback)
RewriteCond %{REQUEST_URI} !\.(?i:html|txt|xml|json|js|css|gif|jpe?g|png|rar|zip|flv|mov|wma|mp3|avi|swf|mp?g|mp4|webm|webp|pdf|tif|tiff|psd|raw|svg|ttf|woff|woff2|doc|docx|xls|xlsx|pptx|ppt|ico|asc|dwg|dxf|eps|jfif|enc|rfa|rvt|xhtml|igs|dot|edrw|gsm|ifc|xlsm|lcf|adsklib|csv)$
RewriteRule ^/(.*)$ /$1.html [PT,L]

View solution in original post

Views

141

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
2 Replies

Avatar

Community Advisor
Community Advisor
10/7/24 6:18:54 AM

do you see anything in dispatcher logs about blocked URLs?

 

Please check authentication token is blocking:

/*** { /type "allow" /url "*/oauth/token" }

 

Views

184

Replies

1
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Correct answer by
Level 2
Level 2
10/8/24 12:03:38 AM
In response to SureshDhulipudi

Dear Suresh, thank you for your reply.

I found out that we had a rewrite rule that appended .html to the request and my auth handler checked for the url path and skipped the request because of the .html suffix.

I fixed the rewrite condition and now it works:

# Append .html extension to the incoming URL
RewriteCond %{REQUEST_URI} !^/$
RewriteCond %{REQUEST_URI} !^/(apps|bin|etc|home|libs|system|tmp|var|saml_login|api|oauth/callback)
RewriteCond %{REQUEST_URI} !\.(?i:html|txt|xml|json|js|css|gif|jpe?g|png|rar|zip|flv|mov|wma|mp3|avi|swf|mp?g|mp4|webm|webp|pdf|tif|tiff|psd|raw|svg|ttf|woff|woff2|doc|docx|xls|xlsx|pptx|ppt|ico|asc|dwg|dxf|eps|jfif|enc|rfa|rvt|xhtml|igs|dot|edrw|gsm|ifc|xlsm|lcf|adsklib|csv)$
RewriteRule ^/(.*)$ /$1.html [PT,L]

Views

142

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
Related Conversations
AEM headless architecture Solved

Views

44

Likes

0

Replies

4
How to Render the different version of Header for Specific Pages Using Experience Fragments in AEM?

Views

35

Likes

0

Replies

1
Best Site Search Engine with AEM

Views

57

Likes

0

Replies

2
Sitecore to AEM cloud migration reference implementation

Views

62

Likes

0

Replies

1
Way to remove the timestamp from the metadata field for expiry date

Views

113

Likes

0

Replies

4