NTLM in AEM 5.6.1 | Community
Skip to main content
J
Julio_Baixauli
Level 4
October 16, 2015
Solved

NTLM in AEM 5.6.1

  • October 16, 2015
  • 12 replies
  • 3142 views

Hello!

 

I’m looking for documentation about how to configure NTLM authentication in AEM 5.6.1.

For now, I’ve located these documents: [1],[2], [3] and [4], but in my opinion they’re very brief and incomplete. I need more detailed info. Specifically, I need information about the disableNTLMAuth parameter in LoginModule and NTLMAuthorizableAction.

Any more general, explanatory information regarding 'NTLM in AEM 5.6.1' concept would be also very appreciated.

Do you know any good source of information?

 

[1] http://dev.day.com/docs/en/cq/current/deploying/single_sign_on.html

[2] http://dev.day.com/docs/en/cq/current/deploying/osgi_configuration_settings.html#Day%20CQ%20SSO%20Authentication%20Handler

[3] http://dev.day.com/docs/en/cq/5-6/core/release_notes/overview/important_notes.html#Changes in Default Configuration

[4] http://dev.day.com/content/docs/en/crx/current/release_notes/overview.html#Changes in Default Configuration

This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.
Best answer by smacdonald2008

The product team simply said this is a supported use case. 

As you stated that authenication via LDAP was one of your goals -- this is a supported. As an example -- see the follownig artilce that bases this use case on Apache Directory Service. This artilce shows you how you can configure CQ to pull in users from this specific LDAP systems. See http://scottsdigitalcommunity.blogspot.ca/2012/10/configuring-adobe-cq-to-use-apache.html

Your 2nd goals is SSO: "Windows domain don’t have to write their username/password to access to CQ, so I would like to set up the NTLM, or Windows authentication."

IN this article:

http://www.wemblog.com/2012/06/how-to-add-custom-login-module-in-cq55.html it states that you have to write an OSGi bundle that uses org.apache.jackrabbit.core.security.authentication.AbstractLoginModule. Have you done this yet? That would be the way to meet your needs

 



 

12 replies

Show previous replies
smacdonald2008
smacdonald2008Accepted solution
Level 10
October 16, 2015

The product team simply said this is a supported use case. 

As you stated that authenication via LDAP was one of your goals -- this is a supported. As an example -- see the follownig artilce that bases this use case on Apache Directory Service. This artilce shows you how you can configure CQ to pull in users from this specific LDAP systems. See http://scottsdigitalcommunity.blogspot.ca/2012/10/configuring-adobe-cq-to-use-apache.html

Your 2nd goals is SSO: "Windows domain don’t have to write their username/password to access to CQ, so I would like to set up the NTLM, or Windows authentication."

IN this article:

http://www.wemblog.com/2012/06/how-to-add-custom-login-module-in-cq55.html it states that you have to write an OSGi bundle that uses org.apache.jackrabbit.core.security.authentication.AbstractLoginModule. Have you done this yet? That would be the way to meet your needs

 



 

smacdonald2008
smacdonald2008
Level 10
October 16, 2015

Here is a good piece of content that talks about extending Jackrabbit’s AbstractLoginModule:

http://satyadeepm.wordpress.com/2012/09/29/extending-jackrabbits-abstractloginmodule/

We do not have articles like this for AEM currently. However -- we are talking about the possibility of creating something like this meant to work with AEM. A step by step guide. 
 

Terms & ConditionsAccessibility statement

Loading footer...