Custom Authentication Handler




     I used below link for aem-custom-authentication-handler

      Adobe CQ/Adobe AEM: How to Create Custom Authentication Handler in CQ

      but,not successfully implement.

     Also i did changes in aem config

          1.under apache sling post servlet, Make sure that you allow parameter you are posting. In this case j_*

              2.Added mycustom authentication prefix to sling authenticator service

          3.bundle deployed, my additional authentication handler present in slingauth authenticator.

my code -

public class MyCustomAuthenticationHandler extends DefaultAuthenticationFeedbackHandler implements AuthenticationHandler,AuthenticationFeedbackHandler{

          private static final String REQUEST_METHOD = "POST";

          private static final String USER_NAME = "j_username";

          private static final String PASSWORD = "j_password";

           static final String AUTH_TYPE = "CUSTOM";

       static final String REQUEST_URL_SUFFIX = "/j_mycustom_security_check";

        private Logger log = LoggerFactory.getLogger(this.getClass());

  public boolean authenticationSucceeded(HttpServletRequest request, HttpServletResponse response,AuthenticationInfo authInfo) {

            if(authInfo != null)


               return true;


  //Extract data from request Object

  public AuthenticationInfo extractCredentials(HttpServletRequest request, HttpServletResponse response) {

            if (REQUEST_METHOD.equals(request.getMethod()) && request.getRequestURI().endsWith(REQUEST_URL_SUFFIX)) {         

                    AuthenticationInfo info = new AuthenticationInfo(AUTH_TYPE,request.getParameter(USER_NAME),                     request.getParameter(PASSWORD).toCharArray());

/* if (!AuthUtil.isValidateRequest(request)) {

                AuthUtil.setLoginResourceAttribute(request, request.getContextPath());


              return info;


          return null;


  //Do something when authentication failed.

    public void authenticationFailed(HttpServletRequest request, HttpServletResponse response,

            AuthenticationInfo authInfo) {


public void dropCredentials(HttpServletRequest arg0, HttpServletResponse arg1) throws IOException {


public boolean requestCredentials(HttpServletRequest arg0, HttpServletResponse arg1) throws IOException {

          return true;