I am working on the Active Directory and have configured LDAP on my publisher local instance, when i make a call to any_url/j_security_check with j_username and j_password (the user and their credentials are stored in AD) with valid credentials i get to sign in and do stuff. But i have a use case where i want the users not to interact with the system until they they verify themselves with the verification link which we generate at the time of their registration. Once they click on that registration link a property is set on the users profile which we use to check whether they can be allowed to use the system or not.
The problem is if i make a ajax call with appropriate creds, users can sign in and interact with system. Authentication in my case is ok but Authorization is not. I want to know what should be the best way to solve this problem.
Do i have to extend the Ldap login module? I think No, because it is doing what it is supposed to do. I want to fail authentication if they are not authorized to use the system. Any pointers will be of great help. I tried looking for LDAPLoginModule in depfinder and over net but could not find the jar for that.
Solved! Go to Solution.
I actually had a look at the article and i also had a look at the article www.wemblog.com/2013/03/how-to-create-custom-authentication.html
Do you think i can get away with just writing a custom authentication or do i need to write a login module and a custom authentication both or just a custom login module. I am able to login to CQ using Active Directory so i think i can use the LDAPLoginModule anyways without changing it.
As your authentication works, so I think you do not need to touch LDAP login module. For authorization, you can assign that user to a group and give the necessary permission to that group.