Adobe Experience Manager Sites & More

mirkomanga · 3/15/22

Hi all,

for a large customer, we're evaluating a scenario using AEMaaCS for the authenticated area of portal: end user (>50000 users) needs to login to publish tier and consume content and backend services, secured through JWT. I'm aware about many customization one can setup with AEM, but also that CS version has its own peculiarities (https://experienceleague.adobe.com/docs/experience-manager-cloud-service/content/sites/authoring/per...), so can someone suggest me:

1) what's best strategy? SAML, Oauth or OIDC (I remember the latest one was a community integration, not Enterprise ready)?

2) from implementation side, it's better to rely on HTTPSession or JCRSession (on publish - I remember that Publish Tier was stateless)?

3) any other suggestion to deal with challenge in a winner way are welcome

Thanks in advance, regards

mirkomanga · 12/5/23

Hello @kautuk_sahni !!! You're welcome!!! As a general consideration we can only say that the infinite extensibility of AEM allows the identification of differentiated solutions depending on the use case and the requirement. In my case, the little number of Publish users (less than 5000) and the few interaction they'll be allowed to do with the site in the Private Area (subscribe page alert, save bookmarks, and personal informations - no more user generated content) allowed us to leverage the OOTB capabilities of AEM, features offered by the platform's native Sling Authentication Framework with custom implementation. We implemented all the registering/authentication/data management flows by our own; we also implemented a crypto AES-based utility in order to cypher data at-rest and decypher them in visualize them onto the web pages, ensuring full compliance with GDPR. Solution was the best fit for our needs. I suggest to anyone who'll have to deal with this challenge to start from official documentations: https://experienceleague.adobe.com/docs/experience-manager-cloud-service/content/sites/authoring/per...

View solution in original post

kautuk_sahni · 12/5/23

@aanchal-sikka @Avdhesh-Pandey @VictorToledo @sherinregi @Hafizur-Rahman @Hemant_arora @RobertHarperFS Can you please review this unanswered question? Appreciate your thoughts on this.

Kautuk Sahni

mirkomanga · 12/5/23

Thanks @kautuk_sahni but I solved and implemented the solution

kautuk_sahni · 12/5/23

@mirkomanga can you share the solution with community for posterity?

Kautuk Sahni

mirkomanga · 12/5/23

Hello @kautuk_sahni !!! You're welcome!!! As a general consideration we can only say that the infinite extensibility of AEM allows the identification of differentiated solutions depending on the use case and the requirement. In my case, the little number of Publish users (less than 5000) and the few interaction they'll be allowed to do with the site in the Private Area (subscribe page alert, save bookmarks, and personal informations - no more user generated content) allowed us to leverage the OOTB capabilities of AEM, features offered by the platform's native Sling Authentication Framework with custom implementation. We implemented all the registering/authentication/data management flows by our own; we also implemented a crypto AES-based utility in order to cypher data at-rest and decypher them in visualize them onto the web pages, ensuring full compliance with GDPR. Solution was the best fit for our needs. I suggest to anyone who'll have to deal with this challenge to start from official documentations: https://experienceleague.adobe.com/docs/experience-manager-cloud-service/content/sites/authoring/per...

kautuk_sahni · 12/5/23

@mirkomanga appreciate you sharing this with the broader AEM community. Good to have great SMEs like you here.

Adobe Experience Manager Sites & More

AEMaaCS - Publish - End-users Login & Sessions

Kautuk Sahni

Kautuk Sahni

Kautuk Sahni

Learn

Documentation

Community

Support

Resources

Adobe account

Adobe