Adobe Experience Manager Sites & More

Here is a great community member article that talks about how to create a custom authentication handler. I recommend reading this: http://www.wemblog.com/2013/03/how-to-create-custom-authentication.html. The author of this blog is one of our community members. 

Thank you smacdonald2008.

I've been investigating today, and I've reviewed the link you've provided. This article talks about authentication handler (after authentication is done), not about authentication itself.

Now, I think my needs are closer to this blog: [1]

In [1] you could see this: "Note that LDAP login module com.day.crx.security.ldap.LDAPLoginModule in CQ is good example of custom Login Module", but there's no source code link! :-) 

It would be extremely useful for me if I can access the LDAPLoginModule source code (the fragment-bundle project). Is it public? Where can I find it?

Thank you very much!

[1] http://www.wemblog.com/2012/06/how-to-add-custom-login-module-in-cq55.html

Hi masters!

I'm still trying to configure NTLM authentication in my AEM 5.6.1 instance. I was looking for more documentation about it, but without luck.

I’ve tried to guess how to configure repository.xml, based on the comments in [3] & [4] references, in the first post, and I made a test:

• I’ve uncommented the line ‘<AuthorizableAction class="com.day.crx.core.ntlm.NTLMAuthorizableAction"/>’, in UserManager section.
• I’ve set ‘<param name="disableNTLMAuth" value="false"/>’, in LoginModule section.

After restart the instance, I found this error (many times):

So, it’s clear something is missing.

smacdonald2008, any help from AEM Product team?

It seems like NTLM authentication setup should be an easy task, but I’m lost. Anyone out there who has ever implemented this? Any, any tip, piece of advice, would be very, very appreciated.

Thank you very much!

Could you use NTMLAuthorizableAction instead of NTLMAuthorizableAction

I will follow up with them. Sorry about the difficult time that you are experiencing. 

Sham HC, I've repeated the test with <AuthorizableAction class="com.day.crx.core.ntlm.NTMLAuthorizableAction"/>, and now I don't see any 'was not found' error message in the log, but when I put my username and password in login page, I see this in the log:

16.09.2013 10:26:04.726 *INFO* [127.0.0.1 [1379319964723] POST /libs/granite/core/content/login.html/j_security_check HTTP/1.1] org.apache.sling.auth.core.impl.SlingAuthenticator handleLoginFailure: Unable to authenticate null: LoginModule ignored Credentials

Please help. Thank you!

smacdonald2008, thank you very much. I'll be waiting for news...

Hello Julio,

What are trying to do?  Enable single sign on so users do not have to login to AEM?  Or do you want to enable authentication via LDAP?  or both?

Thanks,

Nick

Hello Nick. Any news? 

@smacdonald2008: any feedback from AEM Product Team?

Thank you very much in advance.

Hello Nick.

The answer is both.

I’ve an author cluster, with a dispatcher. (No publishers in this scenario)

I’ll configure CQ to synchronize users/groups, from LDAP to CQ. I’ve configured LDAP previously, in other installations, and I don’t expect any problems with this.

But, furthermore, I would like that users in the Windows domain don’t have to write their username/password to access to CQ, so I would like to set up the NTLM, or Windows authentication.

I hope I’ve explained well enough! Please, feel free to ask me any questions.

Thank you very much in advance.

Here is a good piece of content that talks about extending Jackrabbit’s AbstractLoginModule:

http://satyadeepm.wordpress.com/2012/09/29/extending-jackrabbits-abstractloginmodule/

We do not have articles like this for AEM currently. However -- we are talking about the possibility of creating something like this meant to work with AEM. A step by step guide.