Our current project has AEM 6.1 in production with SAML authentication handler for user authentication. Also it has single site to serve for WEB, Mobile and Tablet (mobile responsive site).
Currently client wants to move to OAuth. But during migration , want to keep both SAML as well as OAuth for same site. i.e. if user access page1 on WEB do SAML authentication while when page1 access via Mobile do OAuth.
Please suggest whether its doable in AEM 6.1 if yes, any solution approach.
Since there is no way to define which handler on the same path to trigger for authentication you would have to do some customization.
You could implement a custom servlet /bin/auth and configure the authentication handlers under subpaths of the servlet - for example /bin/auth/saml. When the user accesses the AEM site via method requiring SAML then set a cookie to remember their original entry point and redirect to that servlet with a querystring saying which type of authentication. For Example:
Then redirect the user to the respective Auth Handler's path to trigger its normal authentication sequence (note that you should have stored a cookie remembering which page they started on before being redirected to /bin/auth?... so you could use that to send them back:
Auth handler OSGi configs:
SAML Handler "Path":
IDP would be configured with SAML Response to be sent to: