Get user login detail from custom login page | Community
Skip to main content
Y
YuSheng
Level 3
December 15, 2022
Solved

Get user login detail from custom login page

  • December 15, 2022
  • 1 reply
  • 959 views

Dear community,

I would like to collect user's login detail from my custom login page whether the login action is successful or not.

The scenario would be: when the existing user log in AEM, the system write the timestamp into a user property for admins to check. When the user log in with wrong password, the timestamp should be recorded on another property under the user, then the Sign In buttom could be set disabled for, say, 15mins. 

Any comments are welcome!

This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.
Best answer by Anmol_Bhardwaj

Hi @yusheng ,

 

1. If you are using custom login code as well, then you can simply get the user details from Session Object. And then create nodes based on it.

https://developer.adobe.com/experience-manager/reference-materials/spec/javax.jcr/javadocs/jcr-1.0/javax/jcr/Session.html 

2. If you are using a SAML2.0 sign in , you will also get a success token and a failure token, based on this, you can perform the actions above.

Ref: https://experienceleague.adobe.com/docs/experience-manager-65/administering/security/saml-2-0-authenticationhandler.html 

1 reply

Anmol_Bhardwaj
Community Advisor
Anmol_BhardwajCommunity AdvisorAccepted solution
Community Advisor
December 15, 2022

Hi @yusheng ,

 

1. If you are using custom login code as well, then you can simply get the user details from Session Object. And then create nodes based on it.

https://developer.adobe.com/experience-manager/reference-materials/spec/javax.jcr/javadocs/jcr-1.0/javax/jcr/Session.html 

2. If you are using a SAML2.0 sign in , you will also get a success token and a failure token, based on this, you can perform the actions above.

Ref: https://experienceleague.adobe.com/docs/experience-manager-65/administering/security/saml-2-0-authenticationhandler.html 

    Y
    YuShengAuthor
    Level 3
    December 15, 2022

    Hi @anmol_bhardwaj, thank you for the reply,

    Would go for building a class (which import session) under core and trigger it in custom login.jsp. (I suppose this is what you talked about)

     

    As to failure token you mentioned, Is using SAML2.0 sign in the only way to get failure token?

     

    Y
    YuShengAuthor
    Level 3
    December 15, 2022

    Now I succesfully record the last login time.

    The way I did is to locate " Redirects after successful login or password change. " in login.js under clientlib, since the user is authenticated before this step, then I call the servlet to write the login time in property.

     

    It seems a bit awkward but it works...

    Keep working on capturing failure login detail! 

     

    Snippet:

    @Override
	protected void doGet(SlingHttpServletRequest request, SlingHttpServletResponse response) throws IOException {
		ResourceResolver resolver = request.getResourceResolver();
		session = resolver.adaptTo(Session.class);
		String userId = session.getUserID();

		try {
			UserManager userManager = ((JackrabbitSession) session).getUserManager();
			Authorizable user = userManager.getAuthorizable(userId);

			SimpleDateFormat sdf = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.SSSXXX");
			user.setProperty("profile/lastLoginTimestamp",
					session.getValueFactory().createValue(sdf.format(new Date())));

			session.save();
			session.logout();
			
		} catch (Exception e) {
			log.error("Error in getting user detail" + e.getMessage());
		}
	}

     

    Terms & ConditionsAccessibility statement

    Loading footer...