Custom authentication in AEM

Question

I have a need to build secure pages on a website by integrating with an external identity system. The external IDP has its own login page and it will redirect to AEM secure page after successful login after setting an identity cookie. I want to use this external login to establish authenticated session in AEM so that I can use AEM ACLs and permission handling. However, I do not want to sync users in AEM and may be just use a single pre-created user(with right group mappings) to login in AEM.I will validate the cookie with external IDP before I create a session in AEM with pre-created user. How can I achieve this ?

arunpatidar · Accepted Answer

Hi,We also implemented the same with cug and external IDP login page.1. we have a filter to redirect the user to the login page if the page is protected and the user is not logged in2. for cached pages, we use permission sensitive caching to check if page access.3. used token service to create a user in aem and added group received from external identity server, created aem session and created few cookies to store user/session related data.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded