We are implementing authentication on our AEMaaCS website. We have created a custom Authentication Handler, and have login working correctly.
Our login is unique and we needed to roll our own implementation, with an integration to our in-house user group and permissions service. Within our authentication handler, we are checking if the user's permissions (coming from a 3rd party integration) matches the permissions demanded by the page. If they do, we return a valid auth result and let the user view the page. If they don't, we set the response code to a 403 and do not allow the user to view the contents.
In the event that a user does not have permissions to a page, we are sending back a 403 status code. This results in a default 403 error page being shown.
How can we customize the 403 behavior such that:
Is there a customization we can make in the Dispatcher to pull this off, or do we need to implement java code?
Thanks!
Solved! Go to Solution.
Topics help categorize Community content and increase your ability to discover relevant content.
Views
Replies
Total Likes
For anyone else looking for a solution to this- we were able to configure ACS Common's error page handler so that it handles this scenario.
The trick to trigger it, is to clear the response and set an explicit 403 from either a servlet or filter. The ACS commons package will detect this and render your 403 error page.
Views
Replies
Total Likes
For anyone else looking for a solution to this- we were able to configure ACS Common's error page handler so that it handles this scenario.
The trick to trigger it, is to clear the response and set an explicit 403 from either a servlet or filter. The ACS commons package will detect this and render your 403 error page.
Views
Replies
Total Likes