Expand my Community achievements bar.

SOLVED

How to authenticate users on clustered instances when they have just logged inside one of the publishers.

Avatar

Former Community Member
10/15/15 7:27:07 PM

Hi,

We have a requirement where we want users to be logged in for a very long duration on publishers, so they don't have to login again. I have written a custom authentication handler which takes care of modifying the cookie and token duration (i.e. it resets the .token.exp node value based on the users preference). I was thinking of reverse replicating these tokens to other publishers but it seem like they are not being picked up by the publisher for reverse replication because the name of the node is .tokens (contains a dot in front), i don't know if this was done by Adobe for security. 

How can i achieve this requirement. Any help is appreciated.

I know it is a security risk to keep them logged in but this what the client wants. 

We are using sticky session but duration for which users would be logged in is quite high and we can't just force them to go on the same instance every single time. We need to authenticate them on the other publisher without having to login.

Thanks

Views

586

Replies

3

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Level 10
Level 10
10/15/15 7:27:07 PM

Use sso for your usecase http://docs.adobe.com/docs/en/cq/current/deploying/single_sign_on.html

View solution in original post

Views

440

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
3 Replies

Avatar

Correct answer by
Level 10
Level 10
10/15/15 7:27:07 PM

Use sso for your usecase http://docs.adobe.com/docs/en/cq/current/deploying/single_sign_on.html

Views

441

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply

Avatar

Former Community Member
10/15/15 7:27:07 PM

Sham HC wrote...

Use sso for your usecase http://docs.adobe.com/docs/en/cq/current/deploying/single_sign_on.html

 

Hi Sham,

Thanks for your response.

If i do something like header based authentication and pass the cookie within the header will it be recognized on the other publisher where the token hasn't been created. I mean login-token cookie would be my preferred approach to do this authentication and we are using that in one of our classes along with form based authentication but wouldn't this authentication be rejected if the token is not present on the other publisher. I don't want to use userid for authentication, i want to user the token for this.

Thanks

Views

545

Replies

0

Total Likes

Translate
Translate
Related Conversations
Customization on Content Fragment Model Add multifield contain 3 text field in CFM [AEM6.5] Solved

Views

139

Likes

0

Replies

4
how to get access code on Practice Tests Page Solved

Views

92

Likes

0

Replies

1
Unable to get filevault tool for IntelliJ

Views

23

Likes

0

Replies

1
dependency and embbed, out of this properties which property is having more precedence ?

Views

67

Likes

0

Replies

3
Core Form Container -Reading (displaying) input field values in next page(not refreshing the page).

Views

69

Likes

0

Replies

2