Auth0 Custom authentication handler Redirect issue even tough valid session is available. | Community
Skip to main content
Uppari_Ramesh
Uppari_Ramesh
April 27, 2024
Solved

Auth0 Custom authentication handler Redirect issue even tough valid session is available.

  • April 27, 2024
  • 3 replies
  • 1052 views

Hi Team,

 

I have created a custom authentication handler by extending DefaultAuthenticationFeedbackHandler, by implementing AuthenticationHandler.

 

 

This handler is for /content path. Any request with /content path is coming to this handler. 

The problem here is even tough I am logged into AEM with admin credentials and accessing /content page the request is going to custom authentication handler. If I logged into AEM that means I have a valid session along with valid login-token.

When a valid session is available then why my authentication handler is triggering? Is there any way we can stop this handler if valid session is available then request should not come to custom authentication handler. 

This is going like infinite loop, I am creating the user session in handler and once authentication is succeeded then I am redirecting user to the requested URI, then request is again coming to handler.

@aanchal-sikka 

@kautuk_sahni @vijayalakshmi_s @arunpatidar @estebanbustamante @mayursatav @larsauffarth 

please help.

    Best answer by Uppari_Ramesh

    Update: The authentication handler will automatically validates user session and we would just need to implement the handler properly. You can take reference of OOTB saml authentication handler and will get an idea how can we implement the handler properly.

     

    @kautuk_sahni @gkalyan 

    3 replies

    gkalyan
    Community Advisor and Adobe Champion
    gkalyanCommunity Advisor and Adobe Champion
    Community Advisor and Adobe Champion
    April 29, 2024

    @uppari_ramesh 

    You can try to ensure that your handler checks for the presence of a valid session before proceeding with the authentication process.

     

    Something like 

    isValidSession(SlingHttpServletRequest request) {
        // Get the current HTTP session from the request
        HttpSession session = request.getSession(false);

        // Check if there is a session and it has a specific attribute set upon login
        if (session != null && session.getAttribute("userLoggedIn") != null) {
            // Session exists and user is logged in
            return true;
        } else {
            // No valid session exists
            return false;
        }

    In this condition check for a session cookie or a session attribute that indicates an authenticated session.

     

     

      kautuk_sahni
      Community Manager
      kautuk_sahniCommunity Manager
      Community Manager
      May 20, 2024

      @uppari_ramesh Did you find the suggestion helpful? Please let us know if more information is required. Otherwise, please mark the answer as correct for posterity. If you have found out solution yourself, please share it with the community.

      Kautuk Sahni
      Uppari_Ramesh
      Uppari_RameshAuthorAccepted solution
      May 24, 2024

      Update: The authentication handler will automatically validates user session and we would just need to implement the handler properly. You can take reference of OOTB saml authentication handler and will get an idea how can we implement the handler properly.

       

      @kautuk_sahni @gkalyan 

      L
      laniweisbart
      February 24, 2025

      Where can I see the OOTB saml authentication handler?

      Terms & ConditionsAccessibility statement

      Loading footer...