Highlighted

Persist user login event after browser restart?

jegadeeshanm

30-01-2018

Hi all,

Hope everyone is doing well.

we are using saml to authenticate user in our application. we have a scenario, where user want their login alive even after the browser close and open again. Is it possible in AEM? If we use cookie to store the saml response, is there a way to authenticate the user with the saml stored in cookie?

Thanks in advance..!

Replies

Highlighted

edubey

01-02-2018

After browser close user logs out because the cookie which is set is session cookie.

Session cookies is erased by browser when you close it.

If you can have a cookie with expire time, it will work. May be by modifying / extending current implementation.

Such use case cannot be achieved with session cookie

Highlighted

jegadeeshanm

05-02-2018

Hi Edubey,

Thank you for your response. I am facing the same issue posted earlier( Persisting User Login/Session ). Which day care were unable to assist. So I am wondering, is there any possible way to achieve this. Can you please give some additional details on the implementation part of it?

Thanks

Highlighted

jegadeeshanm

08-03-2018

Found the solution for this issue:

1. update the session time out value in osgi configuration "org.apache.jackrabbit.oak.security.authentication.token.TokenConfigurationImpl"

2. add the below line in dispatcher file

"Header edit Set-Cookie ^(login-token.*)$ $1;max-age=<time-out-value>"