Expand my Community achievements bar.

Don’t miss the AEM Skill Exchange in SF on Nov 14—hear from industry leaders, learn best practices, and enhance your AEM strategy with practical tips.
Read More & Register today!

Auth0 Custom authentication handler Redirect issue even tough valid session is available.

Avatar

Level 4
Level 4
4/27/24 1:13:52 AM

Hi Team,

 

I have created a custom authentication handler by extending DefaultAuthenticationFeedbackHandler, by implementing AuthenticationHandler.

 

Uppari_Ramesh_1-1714204429733.png

 

This handler is for /content path. Any request with /content path is coming to this handler. 

The problem here is even tough I am logged into AEM with admin credentials and accessing /content page the request is going to custom authentication handler. If I logged into AEM that means I have a valid session along with valid login-token.

When a valid session is available then why my authentication handler is triggering? Is there any way we can stop this handler if valid session is available then request should not come to custom authentication handler. 

This is going like infinite loop, I am creating the user session in handler and once authentication is succeeded then I am redirecting user to the requested URI, then request is again coming to handler.

@aanchal-sikka 

@kautuk_sahni @Vijayalakshmi_S @arunpatidar @EstebanBustamante @MayurSatav @lars_auffarth 

please help.

Views

385

Replies

3
Sign in to like this content

Total Likes

Translate
Translate
3 Replies

Avatar

Community Advisor
Community Advisor
4/29/24 1:52:02 PM

@Uppari_Ramesh 

You can try to ensure that your handler checks for the presence of a valid session before proceeding with the authentication process.

 

Something like 

isValidSession(SlingHttpServletRequest request) {
        // Get the current HTTP session from the request
        HttpSession session = request.getSession(false);

        // Check if there is a session and it has a specific attribute set upon login
        if (session != null && session.getAttribute("userLoggedIn") != null) {
            // Session exists and user is logged in
            return true;
        } else {
            // No valid session exists
            return false;
        }

In this condition check for a session cookie or a session attribute that indicates an authenticated session.

 

 

Views

325

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Administrator
Administrator
5/20/24 12:02:45 AM

@Uppari_Ramesh Did you find the suggestion helpful? Please let us know if more information is required. Otherwise, please mark the answer as correct for posterity. If you have found out solution yourself, please share it with the community.



Kautuk Sahni

Views

275

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 4
Level 4
5/24/24 2:58:11 AM

Update: The authentication handler will automatically validates user session and we would just need to implement the handler properly. You can take reference of OOTB saml authentication handler and will get an idea how can we implement the handler properly.

 

@kautuk_sahni @gkalyan 

Views

258

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Related Conversations
AEM 6.5.19 Sling Model is not being registered Solved

Views

132

Likes

0

Replies

6
HTL issue Solved

Views

99

Likes

0

Replies

4
Oak index definition generator XML output is blank

Views

50

Likes

0

Replies

1
What does the async state "temp-async" indicate in a merged custom index? Help finding documentation on this.

Views

135

Likes

0

Replies

5
BPA report list is highlighting Custom Client libraries

Views

63

Likes

0

Replies

1