6 Replies Latest reply on Jan 7, 2013 11:40 PM by RameshBacha

    Login user programatically

    danchapmanme Level 1

      I want to be able to login a user programmatically on my CQ website. I have created users wih a user id from a genenered UUID, and I store the user's email address as normal as a profile property.

       

      Example:

      User ID/Username/Login ID: 3b60ef68-881c-4ad7-b5b4-ffc0c7ebcca6

       

      Email: test@test.com

       

      When the user wants to login they will supply their email address and password. I have used a form with a custom action, and using forward.jsp to intercept the form post. I will lookup the user id (UUID) based on the email adress and the programatically post this information to the j_security_check servlet. However, when I post to j_security_check it just displays a blank screen. I get a 302 status code back from the form post, which I guess means the login was successful as invalid user details produces a status code 403.

       

      import org.apache.commons.httpclient.HttpClient,

      import org.apache.commons.httpclient.HttpException,

      import org.apache.commons.httpclient.HttpStatus,

      import org.apache.commons.httpclient.methods.PostMethod

       

      HttpClient httpClient = new HttpClient();

      PostMethod postMethod = new PostMethod( "http://localhost:4502/content/test-site/en/login/j_security_check" );

      postMethod.addParameter( "resource","http://localhost:4502/content/test-site/en/login.html");

      postMethod.addParameter( "_charset_","UTF-8");

      postMethod.addParameter( "j_username",  "test@test.com" );

      postMethod.addParameter( "j_password", "test" );

       

      status = httpClient.executeMethod( postMethod );

      contents = postMethod.getResponseBodyAsString();

      postMethod.releaseConnection();

        • 1. Re: Login user programatically
          Jörg Hoh Adobe Employee

          What do you want to achieve? What's your requirement you want to solve with this code?

           

          Jörg

          • 2. Re: Login user programatically
            cqnewuser Level 1

            Hi I am intereted in working out how to programmatically authenticate a user too.

            • 3. Re: Login user programatically
              justin_at_adobe Adobe Employee

              Unless otherwise configured, CQ supports HTTP Basic Authentication. That's going to be simpler than using the token-cookie based authentication.

              • 4. Re: Login user programatically
                RameshBacha Level 1

                Hi Justin,

                 

                Can you please provide an example for using HTTP Basic authentication using CQ5.

                 

                We have requirement, where when i click on a link from external application i should be able to login in to CQ5 using Http Basic authentication. I will create a dedicated username: password for that application and using those credentials on clicking on a link i should login into CQ5.

                 

                i tried the following.. but it's not working. Below is the code for the same.

                 

                <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

                <html>

                <head>

                  <title> New Document </title>

                 

                <script type="text/javascript" src="base64.js"></script>

                <script type="text/javascript">

                function make_basic_auth() {

                alert("in basic_auth");

                  var tok = 'admin:admin';

                  var hash = Base64.encode(tok);

                  return "Basic " + hash;

                }

                 

                function httpbasicauth(){

                 

                var auth = make_basic_auth();

                var url = 'http://localhost:4502/libs/cq/core/content/login.html';

                 

                 

                var xmlhttp;

                if (window.XMLHttpRequest)

                  {// code for IE7+, Firefox, Chrome, Opera, Safari

                  xmlhttp=new XMLHttpRequest();

                  }

                else

                  {// code for IE6, IE5

                  xmlhttp=new ActiveXObject("Microsoft.XMLHTTP");

                  }

                  xmlhttp.onreadystatechange = function() {

                        if(xmlhttp.readyState == 4){

                            alert(xmlhttp.readyState);

                           window.location.href = "http://localhost:4502/welcome"

                        }

                };

                xmlhttp.open('GET',url);

                xmlhttp.setRequestHeader('Authorization', auth);

                xmlhttp.send();

                }

                </script>

                </head>

                <body>

                 

                  <div id="myDiv"><h2>Login to CQ5 using AJAX request</h2></div>

                  <a href="#" onclick="httpbasicauth()">CQ5 Site admin</a>

                 

                </html>

                 

                can you please correct me to make it work. Using this i am going into readystate==4 block and it's redirected to cq login page.

                • 5. Re: Login user programatically
                  justin_at_adobe Adobe Employee

                  Ramesh-

                  For what you are describing, I would recommend using a cookie-based SSO system. Note that this is an entirely different use case than what Dan originally requested (for which Basic Auth is the correct solution).

                   

                  Regards,

                  Justin

                  • 6. Re: Login user programatically
                    RameshBacha Level 1

                    Hi Justin,

                     

                    we have not integrated all our applications with SSO. It's in planning.

                    As of now i am doing a simple POC to make sure that on clicking a link from HTML form i should be able to login into CQ5 by using it's existing login functionality.

                     

                    Is there any way to do it? HTTP Basic authentication or any other apporach you would suggest.