We would like to use an external SAML-based mechanism for single-sign-on between AEM and other platforms. From there, we would like to populate that user with authorization information (roles, user type) pulled from another external system.
A few questions:
Thanks, Gary
Views
Replies
Total Likes
Hi,
This is not the answer to you question but i would like to share with you one reference article:- https://helpx.adobe.com/experience-manager/kb/saml-demo.html
I hope other experts would help you here.
~kautuk
Views
Replies
Total Likes
Thanks. It helps with authentication, but doesn't answer my authorization questions.
I see from this document (http://wwwimages.adobe.com/content/dam/Adobe/en/security/pdfs/adobe-aem-managed-services-security.pd...) that custom security integrations are possible. Who can explain to me exactly what that means?
Thanks, Gary
Views
Replies
Total Likes
write a custom authentication handler by implementing AuthenticationHandler and custom login module by extending AbstractLoginModule.
Authentication handler - get user id from request and set to Credentials
Views
Replies
Total Likes
Can I handle authorization as part of that custom handler?
Thanks, Gary
Views
Replies
Total Likes
You can write an OAK authentication handler:
http://scottsdigitalcommunity.blogspot.com/2015/09/creating-external-oak-login-module-for.html
Hope this helps....
Views
Replies
Total Likes
Thanks. That is specifically for authentication, not authorization.
Can I also create handlers for authorization via the same JAAS mechanism as described here?
http://docs.oracle.com/javase/8/docs/technotes/guides/security/jaas/JAASRefGuide.html#Authorization
Gary
Views
Replies
Total Likes
Views
Likes
Replies
Views
Likes
Replies