Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
Bedrock Mission!

Learn more

View all

Sign in to view all badges

Custom Authentication Handler

Level 2
Level 2


     I used below link for aem-custom-authentication-handler

      Adobe CQ/Adobe AEM: How to Create Custom Authentication Handler in CQ

      but,not successfully implement.

     Also i did changes in aem config

          1.under apache sling post servlet, Make sure that you allow parameter you are posting. In this case j_*

              2.Added mycustom authentication prefix to sling authenticator service

          3.bundle deployed, my additional authentication handler present in slingauth authenticator.

my code -

public class MyCustomAuthenticationHandler extends DefaultAuthenticationFeedbackHandler implements AuthenticationHandler,AuthenticationFeedbackHandler{

          private static final String REQUEST_METHOD = "POST";

          private static final String USER_NAME = "j_username";

          private static final String PASSWORD = "j_password";

           static final String AUTH_TYPE = "CUSTOM";

       static final String REQUEST_URL_SUFFIX = "/j_mycustom_security_check";

        private Logger log = LoggerFactory.getLogger(this.getClass());

  public boolean authenticationSucceeded(HttpServletRequest request, HttpServletResponse response,AuthenticationInfo authInfo) {

            if(authInfo != null)


               return true;


  //Extract data from request Object

  public AuthenticationInfo extractCredentials(HttpServletRequest request, HttpServletResponse response) {

            if (REQUEST_METHOD.equals(request.getMethod()) && request.getRequestURI().endsWith(REQUEST_URL_SUFFIX)) {         

                    AuthenticationInfo info = new AuthenticationInfo(AUTH_TYPE,request.getParameter(USER_NAME),                     request.getParameter(PASSWORD).toCharArray());

/* if (!AuthUtil.isValidateRequest(request)) {

                AuthUtil.setLoginResourceAttribute(request, request.getContextPath());


              return info;


          return null;


  //Do something when authentication failed.

    public void authenticationFailed(HttpServletRequest request, HttpServletResponse response,

            AuthenticationInfo authInfo) {


public void dropCredentials(HttpServletRequest arg0, HttpServletResponse arg1) throws IOException {


public boolean requestCredentials(HttpServletRequest arg0, HttpServletResponse arg1) throws IOException {

          return true;



0 Replies