Expand my Community achievements bar.

Auth0 Custom authentication handler Redirect issue even tough valid session is available.

Avatar

Level 4
Level 4
4/27/24 1:13:52 AM

Hi Team,

 

I have created a custom authentication handler by extending DefaultAuthenticationFeedbackHandler, by implementing AuthenticationHandler.

 

Uppari_Ramesh_1-1714204429733.png

 

This handler is for /content path. Any request with /content path is coming to this handler. 

The problem here is even tough I am logged into AEM with admin credentials and accessing /content page the request is going to custom authentication handler. If I logged into AEM that means I have a valid session along with valid login-token.

When a valid session is available then why my authentication handler is triggering? Is there any way we can stop this handler if valid session is available then request should not come to custom authentication handler. 

This is going like infinite loop, I am creating the user session in handler and once authentication is succeeded then I am redirecting user to the requested URI, then request is again coming to handler.

@aanchal-sikka 

@kautuk_sahni @Vijayalakshmi_S @arunpatidar @EstebanBustamante @MayurSatav @lars_auffarth 

please help.

Views

203

Replies

3
Sign in to like this content

Total Likes

Translate
Translate
3 Replies

Avatar

Level 8
Level 8
4/29/24 1:52:02 PM

@Uppari_Ramesh 

You can try to ensure that your handler checks for the presence of a valid session before proceeding with the authentication process.

 

Something like 

isValidSession(SlingHttpServletRequest request) {
        // Get the current HTTP session from the request
        HttpSession session = request.getSession(false);

        // Check if there is a session and it has a specific attribute set upon login
        if (session != null && session.getAttribute("userLoggedIn") != null) {
            // Session exists and user is logged in
            return true;
        } else {
            // No valid session exists
            return false;
        }

In this condition check for a session cookie or a session attribute that indicates an authenticated session.

 

 

Views

143

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Administrator
Administrator
5/20/24 12:02:45 AM

@Uppari_Ramesh Did you find the suggestion helpful? Please let us know if more information is required. Otherwise, please mark the answer as correct for posterity. If you have found out solution yourself, please share it with the community.



Kautuk Sahni

Views

93

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 4
Level 4
5/24/24 2:58:11 AM

Update: The authentication handler will automatically validates user session and we would just need to implement the handler properly. You can take reference of OOTB saml authentication handler and will get an idea how can we implement the handler properly.

 

@kautuk_sahni @gkalyan 

Views

76

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Related Conversations
Replication issue - /bin/receive.servlet is not in available search paths Solved

Views

235

Likes

0

Replies

12
AEM Core Components Form field Validation on submit Solved

Views

163

Likes

0

Replies

5
Site Optimization of clientlibs: loading only what is needed? Solved

Views

110

Likes

0

Replies

3
App Builder authentication

Views

58

Likes

0

Replies

1
Is it safe to delete 'data*.tar.bak' files form segment store

Views

58

Likes

0

Replies

1