Level 8

Persisting User Login/Session

Forum|Forum|9 years ago
March 10, 2016
2 replies
3623 views

I have a site where a user logs in and the request object is authenticated, i can also see that the user is authenticated by checking the CQ_Analytics object and checking the user profile data to see that isLoggedIn is true.

If the user closes their browser and navigates back to the site, the request is now unauthenticated, but, the CQ_Analytics object still recognizes the user as logged in.

How can i persist the login on the request so that the user stays logged in until they logout, or clear their cookies?

This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.

Tuhin_Ghosh

Level 8

Please check how the cookie is handled in your application. Its seems that on browser close the cookie getting invalidated somehow and thus this problem

L

leeaslingAuthor

Level 8

It's just using the standard AEM login by posting to j_security_check. We don't have anything custom in the login what so ever.

Tuhin_Ghosh

Level 8

Understood, what I know of j_security_check is that it should be doing session management with cookie by default. Could you please look when your user is logging in is some cookie is created and stored and if yes then, after restarting the browser if the cookie is still present or not?

L

leeaslingAuthor

Level 8

This is still an issue and DayCare thus far have been unable to assist.

One thing I noticed is that the login-token cookie generated by AEM is for session only. I looked through the OSGI configuration console for things like "token", "login" and "authentication" to try to find a configuration where i could change this but was not successful. Is there such a thing?

Tuhin_Ghosh

Level 8

If you have already lodged a day care ticket please post the solution here and close this ticket.

Thanks

Tuhin

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded