Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
Bedrock Mission!

Learn more

View all

Sign in to view all badges

SOLVED

Need help on user authorization with LDAP Login module

samthadhani
Level 3
Level 3

Hi,

I am working on the Active Directory and have configured LDAP on my publisher local instance, when i make a call to any_url/j_security_check with j_username and j_password (the user and their credentials are stored in AD) with valid credentials i get to sign in and do stuff. But i have a use case where i want the users not to interact with the system until they they verify themselves with the verification link which we generate at the time of their registration. Once they click on that registration link a property is set on the users profile which we use to check whether they can be allowed to use the system or not.

The problem is if i make a ajax call with appropriate creds, users can sign in and interact with system. Authentication in my case is ok but Authorization is not. I want to know what should be the best way to solve this problem.

Do i have to extend the Ldap login module?  I think No, because it is doing what it is supposed to do.  I want to fail authentication if they are not authorized to use the system. Any pointers will be of great help. I tried looking for LDAPLoginModule in depfinder and over net but could not find the jar for that.

1 Accepted Solution
smacdonald2008
Correct answer by
Level 10
Level 10

See the community article written by Yogesh Upadhyay - he is an AEM community member:

http://www.wemblog.com/2012/06/how-to-add-custom-login-module-in-cq55.html

Hope this helps. 

View solution in original post

0 Replies
smacdonald2008
Correct answer by
Level 10
Level 10

See the community article written by Yogesh Upadhyay - he is an AEM community member:

http://www.wemblog.com/2012/06/how-to-add-custom-login-module-in-cq55.html

Hope this helps. 

View solution in original post

samthadhani
Level 3
Level 3

I actually had a look at the article and i also had a look at the article www.wemblog.com/2013/03/how-to-create-custom-authentication.html

Do you think i can get away with just writing a custom authentication or do i need to write a login module and a custom authentication both or just a custom login module. I am able to login to CQ using Active Directory so i think i can use the LDAPLoginModule anyways without changing it.

Sam205505050
Level 6
Level 6

As your authentication works, so I think you do not need to touch LDAP login module. For authorization, you can assign that user to a group and give the necessary permission to that group.