Expand my Community achievements bar.

SOLVED

LDAP and SSO Authenticate on AEM Publish

Avatar

Level 10

Hi all,
I see article "Authenticate to AEM Author using OKTA" at  Configuring OKTA with AEM | Adobe Experience Manager
Is Authenticate to AEM Publish using OKTA and LDAP relevant?

For Author environment, all authors are employees are for corporate and so LDAP and SSO make sense.

When it comes to publish, the end users' authentication info is not in any central system.

So, LDAP and SSO may not be relevant on Publish.

 

Kindly comment.

 

Thanks,

Rama.

1 Accepted Solution

Avatar

Correct answer by
Level 4

Hi Rama,

 

In my view, It is possible to use LDAP or a single sign-on (SSO) solution such as Okta to authenticate users on both the AEM Author and AEM Publish environments.

In the case of the AEM Author environment, where the users are typically employees of the organization, LDAP or SSO can be used to authenticate users against the organization's directory service or identity provider. This can simplify the process of managing user accounts and permissions, and ensure that only authorized users have access to the AEM Author environment.

In the case of the AEM Publish environment, where the users are typically external customers or clients, it may not be practical to use LDAP or SSO for authentication. Instead, it may be necessary to use other methods of authentication, such as a custom login form or an external authentication service, to authenticate users on the AEM Publish environment.

It is important to consider the specific needs and requirements of the organization when deciding how to authenticate users on the AEM Author and AEM Publish environments. The use of LDAP or SSO may not be relevant or necessary in all cases, and it may be necessary to use other methods of authentication depending on the needs of the organization and the users accessing the AEM environments.

Cheers,

Monendra

View solution in original post

2 Replies

Avatar

Correct answer by
Level 4

Hi Rama,

 

In my view, It is possible to use LDAP or a single sign-on (SSO) solution such as Okta to authenticate users on both the AEM Author and AEM Publish environments.

In the case of the AEM Author environment, where the users are typically employees of the organization, LDAP or SSO can be used to authenticate users against the organization's directory service or identity provider. This can simplify the process of managing user accounts and permissions, and ensure that only authorized users have access to the AEM Author environment.

In the case of the AEM Publish environment, where the users are typically external customers or clients, it may not be practical to use LDAP or SSO for authentication. Instead, it may be necessary to use other methods of authentication, such as a custom login form or an external authentication service, to authenticate users on the AEM Publish environment.

It is important to consider the specific needs and requirements of the organization when deciding how to authenticate users on the AEM Author and AEM Publish environments. The use of LDAP or SSO may not be relevant or necessary in all cases, and it may be necessary to use other methods of authentication depending on the needs of the organization and the users accessing the AEM environments.

Cheers,

Monendra

Avatar

Employee Advisor

Hi Rama,

 

Completely agree with @Monendra_Singh here.

But I would like to share my personal experience here, in my project we do have multiple intranet sites and these intranet sites are accessible to client's employees only.

 

To eliminate security threats client wanted to have SSO on intranet sites as well. 

So, we did implement SSO with PingFederate as IDP on publish instance for employees also.

 

One thing I can say it depends on specific needs and requirements of the organization.