Adobe Experience Manager Sites & More

leeasling · 3/10/16

I have a site where a user logs in and the request object is authenticated, i can also see that the user is authenticated by checking the CQ_Analytics object and checking the user profile data to see that isLoggedIn is true.

If the user closes their browser and navigates back to the site, the request is now unauthenticated, but, the CQ_Analytics object still recognizes the user as logged in.

How can i persist the login on the request so that the user stays logged in until they logout, or clear their cookies?

Tuhin_Ghosh · 3/10/16

Please check how the cookie is handled in your application. Its seems that on browser close the cookie getting invalidated somehow and thus this problem

leeasling · 3/10/16

It's just using the standard AEM login by posting to j_security_check. We don't have anything custom in the login what so ever.

Tuhin_Ghosh · 3/10/16

Understood, what I know of j_security_check is that it should be doing session management with cookie by default. Could you please look when your user is logging in is some cookie is created and stored and if yes then, after restarting the browser if the cookie is still present or not?

leeasling · 3/17/16

Sorry for the late reply here. A cookie is created "login-token" but it's a session cookie, so when the browser closes out, the cookie also goes bye bye. I need to change this to keep the cookie.

smacdonald2008 · 3/17/16

I believe that Justin covered this at ATE on AEM Secure Sites. http://scottsdigitalcommunity.blogspot.ca/2015/02/creating-custom-authentication-handlers.html

See the article - and the link to ATE is at the start of the article - in the table.

leeasling · 3/17/16

Thanks Sam. The code in there is actually pretty much what I have, and that too does not persist the login after the browser is closed.

leeasling · 4/21/16

This is still an issue and DayCare thus far have been unable to assist.

One thing I noticed is that the login-token cookie generated by AEM is for session only. I looked through the OSGI configuration console for things like "token", "login" and "authentication" to try to find a configuration where i could change this but was not successful. Is there such a thing?

Tuhin_Ghosh · 7/3/16

If you have already lodged a day care ticket please post the solution here and close this ticket.

Thanks

Tuhin

Adobe Experience Manager Sites & More

Persisting User Login/Session

Learn

Documentation

Community

Support

Resources

Adobe account

Adobe