I need to clear up some doubts regarding Single Sign-On (SSO). My doubts are listed below.
These are basic concepts, but I need to clear them up. It would be great if I could get some views on the queries below.
1: Can SAML and LDAP be configured together for SSO? As per my understanding, both are protocols and cannot be applied together in SSO.
2: I want to configure one LDAP for one content hierarchy (/content/geometrix) and another LDAP for another content hierarchy (/content/weretail). Is it possible to configure one LDAP for one content hierarchy and another LDAP for another content hierarchy? I am unable to find the path configuration for the content structure in the LDAP Identity Provider, Auth Handler and External Login, so how does LDAP identify under which content hierarchy SSO needs to be applied?
3: In AEM, an OOTB configuration "Adobe Granite SSO Authentication Handler" is present. What is the purpose of this Authentication Handler?
2) As per my understanding, SAML will only be triggered when the path (/content/weretail) is accessed, and when AEM tries to find an authentication handler for the path /content/geometrix, it will only have LDAP as the authentication provider. So, SAML for the path defined and LDAP for everything else.
3) This configuration is for SSO and has nothing to do with LDAP/SAML. More details at
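
An added illustration, not part of the thread above and not AEM or Sling code: a simplified Python model of how a path-scoped authentication handler is picked for a request, the behaviour answer 2 describes. The handler names, the ranking value and the boundary rule in `covers` are assumptions of this sketch.

```python
# Simplified model of path-scoped authentication handler selection.
# Handler names, paths and rankings are constructed for illustration.
from dataclasses import dataclass


@dataclass(frozen=True)
class Handler:
    name: str
    path: str         # the handler's configured path
    ranking: int = 0  # tie-breaker when two handlers share a path


def covers(handler_path: str, request_path: str) -> bool:
    """True if request_path is handler_path or lies below it."""
    if handler_path == "/":
        return True
    if not request_path.startswith(handler_path):
        return False
    rest = request_path[len(handler_path):]
    # Require a boundary character so /content/weretail does not
    # cover /content/weretail-old (assumption of this model).
    return rest == "" or rest[0] in "/."


def candidates(handlers, request_path):
    """Applicable handlers, most specific path first, then ranking."""
    hits = [h for h in handlers if covers(h.path, request_path)]
    return sorted(hits, key=lambda h: (-len(h.path), -h.ranking))


def first_handler(handlers, request_path):
    """Name of the handler that gets the first chance, or None."""
    hits = candidates(handlers, request_path)
    return hits[0].name if hits else None


# SAML scoped to one content tree; a catch-all login handler at the
# root, whose credentials would be checked against LDAP.
HANDLERS = [
    Handler("saml", "/content/weretail", ranking=10),
    Handler("default-login", "/"),
]

if __name__ == "__main__":
    for p in ("/content/weretail/us/en.html",
              "/content/geometrix/home.html",
              "/content/weretail-old/index.html"):
        print(p, "->", [h.name for h in candidates(HANDLERS, p)])
```

Removing the root handler from `HANDLERS` shows the gap to check for when scoping SSO by path: requests outside `/content/weretail` then match no handler at all.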