Here I have a use case for authentication .
We have a website with CUG and non CUG pages in AEM.
A user logged in to the site and can access all the CUG and non-CUG pages.
Now someone(Admin) deletes the .token node from CRX for that particular user.
the user now hits some of the non-CUG page - whether the Authentication handler should be triggered ? In my case it gets triggered which as per my understanding should not.
Let me know if any further details required.
Please let me know your points and help me to understand the proper flow.
Deleting from felix console does not remove header from end user browser. So may be header is still present in browser might have caused to consider has invalid token & thrown to login page.
Thanks for quick response !
1) if we use private window it works fine as you said.
2) in case of same browser with different tab then problem persist that means I need to handle in 404.jsp.
We are using acs commons error handling concept. I would request you to please guide me what has to be written in 404.jsp to handle this scenario.