Hi I have a requirement where App A consumes restful services exposed by CQ. Some of these are from author and some are from publisher. In case of author we need to provide authentication for consuming restful services exposed by CQ. This authentication should be done against client DS server before passing credentials to CQ. For this I planned to create Custom Authentication handler. Some issue in this custom authentication handler. Here there is no form based authentication.
Public class CustomAuthHandler implements AuthenticationHandler {
//implements
extractCredentials():
requestCredentials():
dropCredentials():
}
I will be mapping this handler to my restful service path (it is servlet path). This authentication handler triggers and extractCredentials() method will be called. Here I am doing 3rd party authentication if it is success I will extract credentials from request header and send AuthenticationInfo object. It works fine. In case of failure also it works fine. But I just added return false in requestCredentials() method and nothing in dropCredentials(). As per API we need to give login form in requestCredentials and cleanup any sessions in dropCredentials but I am not sure what exactly I need to implement in these 2 methods for my requirement.
