Expand my Community achievements bar.

Masking idpURL while waiting for authentication SAML 2.0

Avatar

Level 1
Level 1
8/8/24 2:23:27 PM

Hello Community,

 

I am working on AEMasCS and for user authentication to my website, I am using SP initiated SAML 2.0 authentication.

 

The setup works in a way that when user hits https://website.url, it is redirected to idpURL mentioned in saml authentication handler configuration. Therefore, user sees https://authentication.tool.url.

Once the authentication is completed, the url comes back to actual website url.

 

How can I ensure that the user always see the website url to ensure a seamless experience for user. All the authentication and waiting for authentication should be transparent from address bar point of view.

Additionally, it brings one more problem that as soon as user hits base url of application it redirect to idpURL, thus user bookmarks wrong url mostly.

 

I tried setting reverse proxy, redirections but no luck.as of now. Possibility is I am doing it wrong as I am first time working with Dispatcher.

 

Has anyone tried it or has any inputs to achieve this behaviour?

 

Thanks

MK

Views

237

Replies

2
Sign in to like this content

Total Likes

Translate
Translate
2 Replies

Avatar

Level 5
Level 5
8/8/24 11:34:01 PM

Setting a reverse proxy seems a good option. Can you share more details about the error you are getting after setting the reverse proxy?

 

<LocationMatch "/sso">
    RewriteEngine on
    ProxyPass "https://idpurl.com"
    ProxyPassReverse "https://idpurl.com"
</LocationMatch>

 

Views

205

Replies

1
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 1
Level 1
8/9/24 4:01:53 AM
In response to narendiran_ravi

Hi @narendiran_ravi 

 

Please correct me if wrong.

You are assuming /sso will be part of  https://website.url.,something like https://website.url/sso If yes, then that is not the case.

 

So, I believe this rule is never running.

 

In my case, the login page is maintained in AEM for authoring purpose only. But, the actual rendering is done from idP. idP pulls this page when base url is hit for application ->modify this page by adding login form in it -> finally shows it to user.

 

So, when the user hits https://website.url, due to SAML configuration it directly goes to idpURL which is like https://idpurl.com/sso. This means /sso is a path at idp and not in my application.

Next, once the user inputs the credentials, the user details are processed by idp and after succeful authentication returns back to web application at /saml_login

Regards

MK

Views

182

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Related Conversations
Adobe Developers Live, November 2024, Session | Extension Manager for AEM

Views

195

Likes

0

Replies

0
Adobe Developers Live, November 2024, On-Demand Session | Orchestrating Commerce APIs for headless implementations

Views

193

Likes

0

Replies

0
Adobe Developers Live, November 2024, On-Demand Session | Dynamic Media Masterclass: Best Practices for Performant Delivery

Views

134

Likes

0

Replies

0
Authentication to aio app builder from custom mcp

Views

158

Likes

0

Replies

2
Best Practices for Implementing Adobe Experience Manager (AEM) in 2024

Views

357

Likes

0

Replies

0