Expand my Community achievements bar.

Dive into Adobe Summit 2024! Explore curated list of AEM sessions & labs, register, connect with experts, ask questions, engage, and share insights. Don't miss the excitement.
SOLVED

AEM6.1 SAML Authentication, getCookies() is null after successfull authentication

Avatar

Level 5

Hi, we are using AEM6.1+ SP2, facing issue like request.getRequestURI() and httpServletRequest.getCookies() null in the custom authentication handler which is implementing AuthenticationInfoPostProcessor interface.

Same code is working fine in AEM6.0+sp2 from where we have migrated into AEM6.1, please let me know if any configuration or setting needs to be done to make it working? any help would be highly appreciated.

1 Accepted Solution

Avatar

Correct answer by
Level 5

This issue has been fixed, root cause of the issue was - "Adding request header: Cookie" missing in the requests which were coming from the dispatcher, a configuration is added in the apache to send the required header in the request.

View solution in original post

5 Replies

Avatar

Level 10

AFAIK there is no change.  Are you by any chance changing the protocal between http & https?

Avatar

Level 5

Hi Sham, thanks for replying, no there is no protocol change, it seems only problem with inplace upgrade, when we tried to setup the same configuration in fresh AEM6.1 instance, it is working fine but not working with inplace upgrade, please help provide some help. 

Avatar

Level 10

Use  http://www.aemstuff.com/tools/coi.html and see if any mismatch.  Otherwise engage with official support.

Avatar

Level 5

we have isolated the getCookies issues with dispatcher only, it started working with individual publish servers. We already have set-cookies in the header in the dispatcher configuration, please let me know if any other configuration we need to enable to make it working. We are using dispatcher 4.1.12 and AEM6.1 + SP2

 

/auth_checker
              {
            
              # any header line returned from the auth_checker's HEAD request matching
              # the section below will be returned as well
              /headers
                {
                /0000
                  {
                  /glob "*"
                  /type "deny"
                  }
                /0001
                  {
                  /glob "Set-Cookie:*"
                  /type "allow"
                  }
                }
              }

Avatar

Correct answer by
Level 5

This issue has been fixed, root cause of the issue was - "Adding request header: Cookie" missing in the requests which were coming from the dispatcher, a configuration is added in the apache to send the required header in the request.