You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@sling.apache.org by "Eric Norman (Jira)" <ji...@apache.org> on 2022/08/17 21:00:00 UTC

[jira] [Commented] (SLING-11547) AuthenticationInfoPostProcess redirect failing

    [ https://issues.apache.org/jira/browse/SLING-11547?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17581024#comment-17581024 ] 

Eric Norman commented on SLING-11547:
-------------------------------------

[~Tabs] I'm not familiar with the specifics of the SAML authenticator.  What specifically do you see happening? 

If I  am understanding your description correctly, it sounds like you may be providing a custom service that implements the AuthenticationInfoPostProcessor interface?  If so, then I believe that interface is intended for manipulating the AuthenticationInfo object and I don't see any mechanism for that component to stop further processing of the request.  So, it may be falling through after your component is called and doing some other redirect to somewhere else?

Doing something after authentication has succeeded is usually handled by the AuthenticationFeedbackHandler that is usually derived from the AuthenticationHandler implementing that interface and set as an attribute on the AuthenticationInfo object before calling the AuthenticationInfoPostProcessor components.  So I suppose you could replace that attribute in the AuthenicationInfo object with your own AuthenticationFeedbackHandler object?

 

It would probably be best if the SAML authenticator provided some configurable means of specifying where to redirect to after the credentials have been verified.

> AuthenticationInfoPostProcess redirect failing
> ----------------------------------------------
>
>                 Key: SLING-11547
>                 URL: https://issues.apache.org/jira/browse/SLING-11547
>             Project: Sling
>          Issue Type: Bug
>          Components: Authentication
>            Reporter: Ben deVries
>            Priority: Minor
>
> I am working with AEM 6.5, backed by Sling for SAML authentication and am having issues with the postProcess method that is invoked after a user is authenticated. I am attempting to do a redirect, but for some reason that is not working, here is what i have in my postProcessor
> httpServletResponse.setStatus(HttpServletResponse.{color:#9876aa}SC_TEMPORARY_REDIRECT{color}){color:#cc7832};{color}
> httpServletResponse.setHeader({color:#6a8759}"Location"{color}{color:#cc7832}, {color}{color:#6a8759}"https://www.google.com"{color}){color:#cc7832};{color}
> I have also tried
> {color:#cc7832}try {color}{
>     httpServletResponse.sendRedirect({color:#6a8759}"https://www.google.com"{color}){color:#cc7832};
> } catch {color}(IOException e) {
> e.printStackTrace();
> }
> which is also not working.
> Wondering why it seems that sling is blocking the redirect as the client is not being redirected.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)