Expand my Community achievements bar.

Elevate your expertise and be recognized as a true influencer! Nominations for the exclusive Adobe Community Advisor program 2023 are now OPEN.
SOLVED

Combine SAML-SSO and Username/Password via Login page?

Avatar

Level 1

Author v6.5.11

 

Hello,

 

We have successfully configured SAML for the AEM Author system 6.5.11. However, for various reasons we also need the default login with local username and password.

Is it at all possible in AEM to combine both and make them available for selection on the default login page? Maybe with AEM 7? Or is there already a checkbox somewhere for this case that we have overlooked?

 

Regards

1 Accepted Solution

Avatar

Correct answer by
Community Advisor

Hi,

then you have to adjust the root path for SAML.

use /content for path

 

1 Reply

Avatar

Community Advisor

Hi,

It is possible,

Just go to login page for login with credentials  http://localhost:4502/libs/granite/core/content/login.html

Avatar

Level 1

Thanks for your answer.

With SAML in place the visitor is redirected to the IdP-Login page when going to http://localhost:4502/libs/granite/core/content/login.html

 

I am looking for a way that the user can choose on the login page to use already present local username/password or SSO via SAML and smartcard (different credentials).

 

Avatar

Correct answer by
Community Advisor

Hi,

then you have to adjust the root path for SAML.

use /content for path

 

Avatar

Level 1

The answer is not correct. In an Author-Environment setting the path to /content does nothing.

What I'm looking for is the same as e.g. Zabbix is offering:
https://www.zabbix.com/documentation/current/en/manual/web_interface/frontend_sections/administratio...

"If SAML authentication is enabled, users will be able to choose between logging in locally or via SAML Single Sign-On."

Screenshot: https://github.com/zabbix/zabbix-docker/issues/815

Avatar

Level 1

Hi arunpatidar,

thanks, but our author is on premise. And no, we won't move to Azure or use AD 😉

Regards

Avatar

Community Advisor

Hi,

You can use any IDP but the blog shows the approach, how can use saml only for few paths.

Avatar

Community Advisor

Make sure in SAML configuration root path for the login should be configured with needed conditions

Do not have / as the SAML configuration instead have the project specific configuration in that case you can directly access the login page.