Based on the scenarios - please share any point of views / additional inputs
Scenario1 :- Which is better for custom authentication with a DB - User name and Password in DB and no need them to be synced into AEM
(1) Simple Servlet Filter for url pattern & then a Servlet for login form
(2) Sling Custom Authentication Handler & Custom Login Module with Pre - Authenticated State
(3) OAK Identity provider & Custom Login Module with Pre - Authenticated State
From my POV would prefer an (1) Servlet - Clean and Simple also web entry is the first layer of defense - any additional point of views ?
Scenario2 - Which is better for custom authentication with a DB - User name and Password in DB and need to sync them to AEM for JCR permisons
(1) Simple Servlet Filter for url pattern & then a Servlet for login form
(2) Sling Custom Authentication Handler & OOTB Login Module
(3) OAK Identity provider & OOTB Login Module
From my POV would prefer an (2) or (3) as user needs to be synced and need a jcr session any additional point of views ?
Solved! Go to Solution.
Views
Replies
Total Likes
Regarding the first scenario, what I was trying to say is that you cannot get the full functionality of AEM without syncing users. I suppose in some limited use case, this might work, but I've rarely see a case where only authentication was necessary or appropriately. After all, if you are authenticating users, it is usually to give them some kind of value in having done that authentication, which means some level of authorization as well.
Views
Replies
Total Likes
Hi,
I don't think the first scenario is really work considering.
For the second scenario, you should be using an Oak Identity Provider. No Custom Login Module would be necessary.
Regards,
Justin
Views
Replies
Total Likes
Hi Justin,
Not getting your view on the 1st Scenario - Can you please elaborate
What will be the pros /cons of using a servlet for 1st Scenario
Views
Replies
Total Likes
Yes no custom login module for scenario 2 - that was a copy / paste :-) as user synced via sync handler the default login model should work . Updated the scenario with OOTB login module
Views
Replies
Total Likes
Regarding the first scenario, what I was trying to say is that you cannot get the full functionality of AEM without syncing users. I suppose in some limited use case, this might work, but I've rarely see a case where only authentication was necessary or appropriately. After all, if you are authenticating users, it is usually to give them some kind of value in having done that authentication, which means some level of authorization as well.
Views
Replies
Total Likes
Views
Like
Replies