Sling authentication handler vs Login module2019 Community Moderator ElectionHow to integrate login module with external user system exposed as RESTful API in AEM 6.0?How to integrate DTM (Dynamic Tag Management) with AEM 6?Customizing CQ / AEM AuthenticationHow do I copy a node tree in sling?Need help in resolving and understanding com.adobe.granite.csrf.impl.CSRFFilter doFilter: the provided CSRF token is invalid in AEM 6.1Apache Sling Content Module WrapperAEM 6.0 to 6.3 Upgrade - Authentication issue with post servlet (web service)How to do Session Management across clustered environment in AEM?AEM/Sling: How do I implement dynamic sling selector?Query on Sling Custom login module

The English Debate

How to balance a monster modification (zombie)?

Print a physical multiplication table

Turning a hard to access nut?

How are passwords stolen from companies if they only store hashes?

Does the Shadow Magic sorcerer's Eyes of the Dark feature work on all Darkness spells or just his/her own?

Have any astronauts/cosmonauts died in space?

is this saw blade faulty?

If I cast the Enlarge/Reduce spell on an arrow, what weapon could it count as?

What is the tangent at a sharp point on a curve?

What (if any) is the reason to buy in small local stores?

Extraneous elements in "Europe countries" list

What are the rules for concealing thieves' tools (or items in general)?

Exposing a company lying about themselves in a tightly knit industry: Is my career at risk on the long run?

Homology of the fiber

Justification failure in beamer enumerate list

Unfrosted light bulb

How can a new country break out from a developed country without war?

Why are there no stars visible in cislunar space?

What kind of footwear is suitable for walking in micro gravity environment?

Can "few" be used as a subject? If so, what is the rule?

Is this Pascal's Matrix?

Imaginary part of expression too difficult to calculate

What will the Frenchman say?



Sling authentication handler vs Login module



2019 Community Moderator ElectionHow to integrate login module with external user system exposed as RESTful API in AEM 6.0?How to integrate DTM (Dynamic Tag Management) with AEM 6?Customizing CQ / AEM AuthenticationHow do I copy a node tree in sling?Need help in resolving and understanding com.adobe.granite.csrf.impl.CSRFFilter doFilter: the provided CSRF token is invalid in AEM 6.1Apache Sling Content Module WrapperAEM 6.0 to 6.3 Upgrade - Authentication issue with post servlet (web service)How to do Session Management across clustered environment in AEM?AEM/Sling: How do I implement dynamic sling selector?Query on Sling Custom login module










0















I read many blogs and post in Stackoverflow but could not understand exactly which one is appropriate in which situation.

What I understood till now is, custom authentication handler should be written when user needs to redirected to 3rd party system for authentication and then AuthenticationInfo object is sent to the DefaultLogin module.



Now custom login module is used when there is a need to sync user data into AEM from 3rd Party system.
During the synchronization process custom login module also authenticate user against 3rd party. But this can also be possible in authentication handler also.



If I look at the out of the box SAML authentication handler then it does not have login module to synchronize user data, rather SAML authentication handler itself synchronize user data. Why there is such difference in implementation? Which one is applicable in which scenario? Does login module gives extra level of security?






aem sling







share|improve this question




























    0















    I read many blogs and post in Stackoverflow but could not understand exactly which one is appropriate in which situation.

    What I understood till now is, custom authentication handler should be written when user needs to redirected to 3rd party system for authentication and then AuthenticationInfo object is sent to the DefaultLogin module.



    Now custom login module is used when there is a need to sync user data into AEM from 3rd Party system.
    During the synchronization process custom login module also authenticate user against 3rd party. But this can also be possible in authentication handler also.



    If I look at the out of the box SAML authentication handler then it does not have login module to synchronize user data, rather SAML authentication handler itself synchronize user data. Why there is such difference in implementation? Which one is applicable in which scenario? Does login module gives extra level of security?






    aem sling







    share|improve this question


























      0












      0








      0


      1






      I read many blogs and post in Stackoverflow but could not understand exactly which one is appropriate in which situation.

      What I understood till now is, custom authentication handler should be written when user needs to redirected to 3rd party system for authentication and then AuthenticationInfo object is sent to the DefaultLogin module.



      Now custom login module is used when there is a need to sync user data into AEM from 3rd Party system.
      During the synchronization process custom login module also authenticate user against 3rd party. But this can also be possible in authentication handler also.



      If I look at the out of the box SAML authentication handler then it does not have login module to synchronize user data, rather SAML authentication handler itself synchronize user data. Why there is such difference in implementation? Which one is applicable in which scenario? Does login module gives extra level of security?






      aem sling







      share|improve this question
















      I read many blogs and post in Stackoverflow but could not understand exactly which one is appropriate in which situation.

      What I understood till now is, custom authentication handler should be written when user needs to redirected to 3rd party system for authentication and then AuthenticationInfo object is sent to the DefaultLogin module.



      Now custom login module is used when there is a need to sync user data into AEM from 3rd Party system.
      During the synchronization process custom login module also authenticate user against 3rd party. But this can also be possible in authentication handler also.



      If I look at the out of the box SAML authentication handler then it does not have login module to synchronize user data, rather SAML authentication handler itself synchronize user data. Why there is such difference in implementation? Which one is applicable in which scenario? Does login module gives extra level of security?






      aem sling




      aem sling






      share|improve this question















      share|improve this question













      share|improve this question




      share|improve this question








      edited Mar 7 at 6:43







      Learner

















      asked Mar 6 at 23:07









      LearnerLearner

      83




      83






















          1 Answer
          1






          active

          oldest

          votes


















          2














          Please note that Login module has been rewritten and now its call External Identity Provider.



          External identity provider does not only sync user data but also authenticate user entered credentials. Lets take an example where you need to authenticate user against 3rd party system (which means you need to ask user to enter username and password through Authentication handler in extracthandler method) and after user enters his/her credentials then you want that credentials to be validated again before granting permission to the repository (in this case you need to write External Identity Provider). One example could be, once user enter credentials then 3rd party system generates some token. Now you can validate this token in your External Identity Provider code by calling some web service endpoint provided by 3rd party.



          More details here






          share|improve this answer






















            Your Answer






            StackExchange.ifUsing("editor", function ()
            StackExchange.using("externalEditor", function ()
            StackExchange.using("snippets", function ()
            StackExchange.snippets.init();
            );
            );
            , "code-snippets");

            StackExchange.ready(function()
            var channelOptions =
            tags: "".split(" "),
            id: "1"
            ;
            initTagRenderer("".split(" "), "".split(" "), channelOptions);

            StackExchange.using("externalEditor", function()
            // Have to fire editor after snippets, if snippets enabled
            if (StackExchange.settings.snippets.snippetsEnabled)
            StackExchange.using("snippets", function()
            createEditor();
            );

            else
            createEditor();

            );

            function createEditor()
            StackExchange.prepareEditor(
            heartbeatType: 'answer',
            autoActivateHeartbeat: false,
            convertImagesToLinks: true,
            noModals: true,
            showLowRepImageUploadWarning: true,
            reputationToPostImages: 10,
            bindNavPrevention: true,
            postfix: "",
            imageUploader:
            brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
            contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
            allowUrls: true
            ,
            onDemand: true,
            discardSelector: ".discard-answer"
            ,immediatelyShowMarkdownHelp:true
            );



            );













            draft saved

            draft discarded


















            StackExchange.ready(
            function ()
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55033618%2fsling-authentication-handler-vs-login-module%23new-answer', 'question_page');

            );

            Post as a guest















            Required, but never shown

























            1 Answer
            1






            active

            oldest

            votes








            1 Answer
            1






            active

            oldest

            votes









            active

            oldest

            votes






            active

            oldest

            votes









            2














            Please note that Login module has been rewritten and now its call External Identity Provider.



            External identity provider does not only sync user data but also authenticate user entered credentials. Lets take an example where you need to authenticate user against 3rd party system (which means you need to ask user to enter username and password through Authentication handler in extracthandler method) and after user enters his/her credentials then you want that credentials to be validated again before granting permission to the repository (in this case you need to write External Identity Provider). One example could be, once user enter credentials then 3rd party system generates some token. Now you can validate this token in your External Identity Provider code by calling some web service endpoint provided by 3rd party.



            More details here






            share|improve this answer



























              2














              Please note that Login module has been rewritten and now its call External Identity Provider.



              External identity provider does not only sync user data but also authenticate user entered credentials. Lets take an example where you need to authenticate user against 3rd party system (which means you need to ask user to enter username and password through Authentication handler in extracthandler method) and after user enters his/her credentials then you want that credentials to be validated again before granting permission to the repository (in this case you need to write External Identity Provider). One example could be, once user enter credentials then 3rd party system generates some token. Now you can validate this token in your External Identity Provider code by calling some web service endpoint provided by 3rd party.



              More details here






              share|improve this answer

























                2












                2








                2







                Please note that Login module has been rewritten and now its call External Identity Provider.



                External identity provider does not only sync user data but also authenticate user entered credentials. Lets take an example where you need to authenticate user against 3rd party system (which means you need to ask user to enter username and password through Authentication handler in extracthandler method) and after user enters his/her credentials then you want that credentials to be validated again before granting permission to the repository (in this case you need to write External Identity Provider). One example could be, once user enter credentials then 3rd party system generates some token. Now you can validate this token in your External Identity Provider code by calling some web service endpoint provided by 3rd party.



                More details here






                share|improve this answer













                Please note that Login module has been rewritten and now its call External Identity Provider.



                External identity provider does not only sync user data but also authenticate user entered credentials. Lets take an example where you need to authenticate user against 3rd party system (which means you need to ask user to enter username and password through Authentication handler in extracthandler method) and after user enters his/her credentials then you want that credentials to be validated again before granting permission to the repository (in this case you need to write External Identity Provider). One example could be, once user enter credentials then 3rd party system generates some token. Now you can validate this token in your External Identity Provider code by calling some web service endpoint provided by 3rd party.



                More details here







                share|improve this answer












                share|improve this answer



                share|improve this answer










                answered Mar 7 at 12:41









                Sumanta PakiraSumanta Pakira

                53121432




                53121432





























                    draft saved

                    draft discarded
















































                    Thanks for contributing an answer to Stack Overflow!


                    • Please be sure to answer the question. Provide details and share your research!

                    But avoid


                    • Asking for help, clarification, or responding to other answers.

                    • Making statements based on opinion; back them up with references or personal experience.

                    To learn more, see our tips on writing great answers.




                    draft saved


                    draft discarded














                    StackExchange.ready(
                    function ()
                    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55033618%2fsling-authentication-handler-vs-login-module%23new-answer', 'question_page');

                    );

                    Post as a guest















                    Required, but never shown





















































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown

































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown







                    -

                    Popular posts from this blog

                    Save data to MySQL database using ExtJS and PHP [closed]2019 Community Moderator ElectionHow can I prevent SQL injection in PHP?Which MySQL data type to use for storing boolean valuesPHP: Delete an element from an arrayHow do I connect to a MySQL Database in Python?Should I use the datetime or timestamp data type in MySQL?How to get a list of MySQL user accountsHow Do You Parse and Process HTML/XML in PHP?Reference — What does this symbol mean in PHP?How does PHP 'foreach' actually work?Why shouldn't I use mysql_* functions in PHP?

                    Image
                    Does this AnyDice function accurately calculate the number of ogres you make unconcious with three 4th-level castings of Sleep? Making a sword in the stone, in a medieval world without magic Identifying the interval from A♭ to D♯ Why is Vishnu's skin colour mentioned as both white and blue in the Vishnu-sahasranaama? SQL Server Primary Login Restrictions Have researchers managed to "reverse time"? If so, what does that mean for physics? Why does Deadpool say "You're welcome, Canada," after shooting Ryan Reynolds in the end credits? Check this translation of Amores 1.3.26 Why did it take so long to abandon sail after steamships were demonstrated? Plot a function of two variables equal 0 2D counterpart of std::array in C++17 Could the Saturn V actually have launched astronauts around Venus? Why is "das Weib" grammatically neuter? How to make healing in an exploration game interesting Life insurance that covers only simulta
                    Read more

                    Compiling GNU Global with universal-ctags support Announcing the arrival of Valued Associate #679: Cesar Manara Planned maintenance scheduled April 23, 2019 at 23:30 UTC (7:30pm US/Eastern) Data science time! April 2019 and salary with experience The Ask Question Wizard is Live!Tags for Emacs: Relationship between etags, ebrowse, cscope, GNU Global and exuberant ctagsVim and Ctags tips and trickscscope or ctags why choose one over the other?scons and ctagsctags cannot open option file “.ctags”Adding tag scopes in universal-ctagsShould I use Universal-ctags?Universal ctags on WindowsHow do I install GNU Global with universal ctags support using Homebrew?Universal ctags with emacsHow to highlight ctags generated by Universal Ctags in Vim?

                    Image
                    How to ask rejected full-time candidates to apply to teach individual courses? Why these surprising proportionalities of integrals involving odd zeta values? A German immigrant ancestor has a "Registration Affidavit of Alien Enemy" on file. What does that mean exactly? Why did Israel vote against lifting the American embargo on Cuba? Unix AIX passing variable and arguments to expect and spawn Kepler's 3rd law: ratios don't fit data Why does my GNOME settings mention "Moto C Plus"? Continue tikz picture on next page What documents does someone with a long-term visa need to travel to another Schengen country? “Since the train was delayed for more than an hour, passengers were given a full refund.” – Why is there no article before “passengers”? How to create a command for the "strange m" symbol in latex? How to get a single big right brace? Is the Mordenkainen's Sword spell underpowered? Why did Bronn offer to be Tyrion L
                    Read more

                    Add ONERROR event to image from jsp tldHow to add an image to a JPanel?Saving image from PHP URLHTML img scalingCheck if an image is loaded (no errors) with jQueryHow to force an <img> to take up width, even if the image is not loadedHow do I populate hidden form field with a value set in Spring ControllerStyling Raw elements Generated from JSP tagds with Jquery MobileLimit resizing of images with explicitly set width and height attributeserror TLD use in a jsp fileJsp tld files cannot be resolved

                    Image
                    At which point does a character regain all their Hit Dice? Why are on-board computers allowed to change controls without notifying the pilots? How do I keep an essay about "feeling flat" from feeling flat? Time travel short story where a man arrives in the late 19th century in a time machine and then sends the machine back into the past How to be diplomatic in refusing to write code that breaches the privacy of our users Understanding "audieritis" in Psalm 94 Greatest common substring Go Pregnant or Go Home Why did Kant, Hegel, and Adorno leave some words and phrases in the Greek alphabet? What to do with wrong results in talks? Failed to fetch jessie backports repository Increase performance creating Mandelbrot set in python How can I replace every global instance of "x[2]" with "x_2" What are the ramifications of creating a homebrew world without an Astral Plane? Are there any comparative studies done between Ashtava
                    Read more