Change user session for Anonymous URLs



Hi Experts,


Is it not possible to intercept a URL ( that is whitelisted for anonymous usage through "Apache Sling Authentication Service" configuration ) in AEM's Sling Filter and change it's User session ?


I'm trying to implement it with HttpServletRequestWrapper by adding a valid basic authorization token to request header. But, as I do requestWrapper.getUserPrincipal().getName().toString(), is still returning "anonymous" user. Any idea?

AEM session

Accepted Solutions (1)

Accepted Solutions (1)





Is my understanding correct that based on certain criteria you want to switch an anonymous session into an authenticated session of a different user?

Technically it should be possible (wrap the HttpRequest and inject a different session), but that's a lot of of work to make it right in all circumstances.


What do you want to achieve with that? I am quite sure that there might be a simpler way to solve your requirement.



Answers (0)