Change user session for Anonymous URLs

bsr78033597

14-07-2020

Hi Experts,

 

Is it not possible to intercept a URL ( that is whitelisted for anonymous usage through "Apache Sling Authentication Service" configuration ) in AEM's Sling Filter and change it's User session ?

 

I'm trying to implement it with HttpServletRequestWrapper by adding a valid basic authorization token to request header. But, as I do requestWrapper.getUserPrincipal().getName().toString(), is still returning "anonymous" user. Any idea?

AEM session

Accepted Solutions (1)

Accepted Solutions (1)

Jörg_Hoh

Employee

15-07-2020

Hi,

Is my understanding correct that based on certain criteria you want to switch an anonymous session into an authenticated session of a different user?

Technically it should be possible (wrap the HttpRequest and inject a different session), but that's a lot of of work to make it right in all circumstances.

 

What do you want to achieve with that? I am quite sure that there might be a simpler way to solve your requirement.

 

Jörg

Answers (0)