Sling authentication handler vs Login module2019 Community Moderator ElectionHow to integrate login module with external user system exposed as RESTful API in AEM 6.0?How to integrate DTM (Dynamic Tag Management) with AEM 6?Customizing CQ / AEM AuthenticationHow do I copy a node tree in sling?Need help in resolving and understanding com.adobe.granite.csrf.impl.CSRFFilter doFilter: the provided CSRF token is invalid in AEM 6.1Apache Sling Content Module WrapperAEM 6.0 to 6.3 Upgrade - Authentication issue with post servlet (web service)How to do Session Management across clustered environment in AEM?AEM/Sling: How do I implement dynamic sling selector?Query on Sling Custom login module
The English Debate
How to balance a monster modification (zombie)?
Print a physical multiplication table
Turning a hard to access nut?
How are passwords stolen from companies if they only store hashes?
Does the Shadow Magic sorcerer's Eyes of the Dark feature work on all Darkness spells or just his/her own?
Have any astronauts/cosmonauts died in space?
is this saw blade faulty?
If I cast the Enlarge/Reduce spell on an arrow, what weapon could it count as?
What is the tangent at a sharp point on a curve?
What (if any) is the reason to buy in small local stores?
Extraneous elements in "Europe countries" list
What are the rules for concealing thieves' tools (or items in general)?
Exposing a company lying about themselves in a tightly knit industry: Is my career at risk on the long run?
Homology of the fiber
Justification failure in beamer enumerate list
Unfrosted light bulb
How can a new country break out from a developed country without war?
Why are there no stars visible in cislunar space?
What kind of footwear is suitable for walking in micro gravity environment?
Can "few" be used as a subject? If so, what is the rule?
Is this Pascal's Matrix?
Imaginary part of expression too difficult to calculate
What will the Frenchman say?
Sling authentication handler vs Login module
2019 Community Moderator ElectionHow to integrate login module with external user system exposed as RESTful API in AEM 6.0?How to integrate DTM (Dynamic Tag Management) with AEM 6?Customizing CQ / AEM AuthenticationHow do I copy a node tree in sling?Need help in resolving and understanding com.adobe.granite.csrf.impl.CSRFFilter doFilter: the provided CSRF token is invalid in AEM 6.1Apache Sling Content Module WrapperAEM 6.0 to 6.3 Upgrade - Authentication issue with post servlet (web service)How to do Session Management across clustered environment in AEM?AEM/Sling: How do I implement dynamic sling selector?Query on Sling Custom login module
I read many blogs and post in Stackoverflow but could not understand exactly which one is appropriate in which situation.
What I understood till now is, custom authentication handler should be written when user needs to redirected to 3rd party system for authentication and then AuthenticationInfo object is sent to the DefaultLogin module.
Now custom login module is used when there is a need to sync user data into AEM from 3rd Party system.
During the synchronization process custom login module also authenticate user against 3rd party. But this can also be possible in authentication handler also.
If I look at the out of the box SAML authentication handler then it does not have login module to synchronize user data, rather SAML authentication handler itself synchronize user data. Why there is such difference in implementation? Which one is applicable in which scenario? Does login module gives extra level of security?
aem sling
add a comment |
I read many blogs and post in Stackoverflow but could not understand exactly which one is appropriate in which situation.
What I understood till now is, custom authentication handler should be written when user needs to redirected to 3rd party system for authentication and then AuthenticationInfo object is sent to the DefaultLogin module.
Now custom login module is used when there is a need to sync user data into AEM from 3rd Party system.
During the synchronization process custom login module also authenticate user against 3rd party. But this can also be possible in authentication handler also.
If I look at the out of the box SAML authentication handler then it does not have login module to synchronize user data, rather SAML authentication handler itself synchronize user data. Why there is such difference in implementation? Which one is applicable in which scenario? Does login module gives extra level of security?
aem sling
add a comment |
I read many blogs and post in Stackoverflow but could not understand exactly which one is appropriate in which situation.
What I understood till now is, custom authentication handler should be written when user needs to redirected to 3rd party system for authentication and then AuthenticationInfo object is sent to the DefaultLogin module.
Now custom login module is used when there is a need to sync user data into AEM from 3rd Party system.
During the synchronization process custom login module also authenticate user against 3rd party. But this can also be possible in authentication handler also.
If I look at the out of the box SAML authentication handler then it does not have login module to synchronize user data, rather SAML authentication handler itself synchronize user data. Why there is such difference in implementation? Which one is applicable in which scenario? Does login module gives extra level of security?
aem sling
I read many blogs and post in Stackoverflow but could not understand exactly which one is appropriate in which situation.
What I understood till now is, custom authentication handler should be written when user needs to redirected to 3rd party system for authentication and then AuthenticationInfo object is sent to the DefaultLogin module.
Now custom login module is used when there is a need to sync user data into AEM from 3rd Party system.
During the synchronization process custom login module also authenticate user against 3rd party. But this can also be possible in authentication handler also.
If I look at the out of the box SAML authentication handler then it does not have login module to synchronize user data, rather SAML authentication handler itself synchronize user data. Why there is such difference in implementation? Which one is applicable in which scenario? Does login module gives extra level of security?
aem sling
aem sling
edited Mar 7 at 6:43
Learner
asked Mar 6 at 23:07
LearnerLearner
83
83
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
Please note that Login module has been rewritten and now its call External Identity Provider.
External identity provider does not only sync user data but also authenticate user entered credentials. Lets take an example where you need to authenticate user against 3rd party system (which means you need to ask user to enter username and password through Authentication handler in extracthandler method) and after user enters his/her credentials then you want that credentials to be validated again before granting permission to the repository (in this case you need to write External Identity Provider). One example could be, once user enter credentials then 3rd party system generates some token. Now you can validate this token in your External Identity Provider code by calling some web service endpoint provided by 3rd party.
More details here
add a comment |
Your Answer
StackExchange.ifUsing("editor", function ()
StackExchange.using("externalEditor", function ()
StackExchange.using("snippets", function ()
StackExchange.snippets.init();
);
);
, "code-snippets");
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "1"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55033618%2fsling-authentication-handler-vs-login-module%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
Please note that Login module has been rewritten and now its call External Identity Provider.
External identity provider does not only sync user data but also authenticate user entered credentials. Lets take an example where you need to authenticate user against 3rd party system (which means you need to ask user to enter username and password through Authentication handler in extracthandler method) and after user enters his/her credentials then you want that credentials to be validated again before granting permission to the repository (in this case you need to write External Identity Provider). One example could be, once user enter credentials then 3rd party system generates some token. Now you can validate this token in your External Identity Provider code by calling some web service endpoint provided by 3rd party.
More details here
add a comment |
Please note that Login module has been rewritten and now its call External Identity Provider.
External identity provider does not only sync user data but also authenticate user entered credentials. Lets take an example where you need to authenticate user against 3rd party system (which means you need to ask user to enter username and password through Authentication handler in extracthandler method) and after user enters his/her credentials then you want that credentials to be validated again before granting permission to the repository (in this case you need to write External Identity Provider). One example could be, once user enter credentials then 3rd party system generates some token. Now you can validate this token in your External Identity Provider code by calling some web service endpoint provided by 3rd party.
More details here
add a comment |
Please note that Login module has been rewritten and now its call External Identity Provider.
External identity provider does not only sync user data but also authenticate user entered credentials. Lets take an example where you need to authenticate user against 3rd party system (which means you need to ask user to enter username and password through Authentication handler in extracthandler method) and after user enters his/her credentials then you want that credentials to be validated again before granting permission to the repository (in this case you need to write External Identity Provider). One example could be, once user enter credentials then 3rd party system generates some token. Now you can validate this token in your External Identity Provider code by calling some web service endpoint provided by 3rd party.
More details here
Please note that Login module has been rewritten and now its call External Identity Provider.
External identity provider does not only sync user data but also authenticate user entered credentials. Lets take an example where you need to authenticate user against 3rd party system (which means you need to ask user to enter username and password through Authentication handler in extracthandler method) and after user enters his/her credentials then you want that credentials to be validated again before granting permission to the repository (in this case you need to write External Identity Provider). One example could be, once user enter credentials then 3rd party system generates some token. Now you can validate this token in your External Identity Provider code by calling some web service endpoint provided by 3rd party.
More details here
answered Mar 7 at 12:41
Sumanta PakiraSumanta Pakira
53121432
53121432
add a comment |
add a comment |
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55033618%2fsling-authentication-handler-vs-login-module%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown