Custom authentication in AEM

Avatar

Avatar

kunal29

Avatar

kunal29

kunal29

25-11-2020

I have a need to build secure pages on a website by integrating with an external identity system. The external IDP has its own login page and it will redirect to AEM secure page after successful login after setting an identity cookie. I want to use this external login to establish authenticated session in AEM so that I can use AEM ACLs and permission handling. However, I do not want to sync users in AEM and may be just use a single pre-created user(with right group mappings) to login in AEM.I will validate the cookie with external IDP before I create a session in AEM with pre-created user. How can I achieve this ?

Accepted Solutions (1)

Accepted Solutions (1)

Avatar

Avatar

Arun_Patidar

MVP

Total Posts

3.1K

Likes

1.2K

Correct Reply

879

Avatar

Arun_Patidar

MVP

Total Posts

3.1K

Likes

1.2K

Correct Reply

879
Arun_Patidar
MVP

17-02-2021

Hi,

We also implemented the same with cug and external IDP login page.

1. we have a filter to redirect the user to the login page if the page is protected and the user is not logged in

2. for cached pages, we use permission sensitive caching to check if page access.

3. used token service to create a user in aem and added group received from external identity server, created aem session and created few cookies to store user/session related data.

Answers (0)