3 Replies Latest reply on May 7, 2013 11:43 AM by Jilla Ravinder

    how to make a use as logged in user?

    Jilla Ravinder Level 1

      Could you please help me out , how to make a user to logged in user to a website.

       

      I have a requirement where user clicks a link would consider him as a logged in user and allow him to browse the website.

      The link would contains the user ID, which I need to get username and make him as a logged in user.

       

      Can I get the user password from CRX and decrypt and pass to simple credentials is it possible.

      Or what is SSO Authenticaiton handler can I use this in my case.

       

      Please help me on this.

       

      Thanks,

      Ravinder Jilla.

        • 1. Re: how to make a use as logged in user?
          justin_at_adobe Adobe Employee

          This seems like a bad idea - what if the user acidentally sent that link to someone else? If you want to implement a reset password user flow, take a look at how this is done for Geometrixx.

           

          CRX (and Jackrabbit) do not store passwords. They store a hash. So you cannot retreive the password out of CRX, only change it.

          1 person found this helpful
          • 2. Re: how to make a use as logged in user?
            Jilla Ravinder Level 1

            Thank you Justin - Yes, you are right.

             

            This requirement is from client which we need to implement.

            Can we use SSO authentication handler for this, if yes, how can i use it.

             

            Thanks,

            Ravinder Jilla.

            • 3. Re: how to make a use as logged in user?
              Jilla Ravinder Level 1

              Could you please help me.

               

              I'm using SSOAuthentication handler cq-default by setting the below parameters.

              path as /

              parameter names as mlst

              ID Format as AsIs

              checked the desable loging page.

               

              but SSOAuthentication is not working as it is taking to login page.- below are the logs.(CUG is enabled for the page).

               

              1. 08.05.2013 00:04:21.946 *DEBUG* [0:0:0:0:0:0:0:1 [1367951661921] GET /content/PhysicianServices/China/005-BMPortal/zh/cn/education.html?mlst=guest1234 HTTP/1.1] com.day.cq.auth.impl.SsoAuthenticationHandler found parameter mlst=guest1234
              2. 08.05.2013 00:04:21.946 *DEBUG* [0:0:0:0:0:0:0:1 [1367951661921] GET /content/PhysicianServices/China/005-BMPortal/zh/cn/education.html?mlst=guest1234 HTTP/1.1] com.day.cq.auth.impl.SsoAuthenticationHandler accepting trusted credentials, uid=guest1234 found in parameter:mlst
              3. 08.05.2013 00:04:21.953 *DEBUG* [0:0:0:0:0:0:0:1 [1367951661921] GET /content/PhysicianServices/China/005-BMPortal/zh/cn/education.html?mlst=guest1234 HTTP/1.1] com.day.cq.auth.impl.LoginSelectorHandler ignoreRequest: Extension html of request /content/PhysicianServices/China/005-BMPortal/zh/cn/education.html is being handled
              4. 08.05.2013 00:04:21.953 *DEBUG* [0:0:0:0:0:0:0:1 [1367951661921] GET /content/PhysicianServices/China/005-BMPortal/zh/cn/education.html?mlst=guest1234 HTTP/1.1] com.day.cq.auth.impl.cug.CugSupportImpl Trying to find cug root for /content/PhysicianServices/China/005-BMPortal/zh/cn/education
              5. 08.05.2013 00:04:21.953 *DEBUG* [0:0:0:0:0:0:0:1 [1367951661921] GET /content/PhysicianServices/China/005-BMPortal/zh/cn/education.html?mlst=guest1234 HTTP/1.1] com.day.cq.auth.impl.cug.CugSupportImpl Found login page /content/PhysicianServices/China/005-BMPortal/zh/cn/login-page.html of cug root /content/PhysicianServices/China/005-BMPortal/zh/cn/education
              6. 08.05.2013 00:04:21.954 *DEBUG* [0:0:0:0:0:0:0:1 [1367951661921] GET /content/PhysicianServices/China/005-BMPortal/zh/cn/education.html?mlst=guest1234 HTTP/1.1] com.day.cq.auth.impl.LoginSelectorHandler redirected user to [/content/PhysicianServices/China/005-BMPortal/zh/cn/login-page.html] for request [/content/PhysicianServices/China/005-BMPortal/zh/cn/education.html].
              7. 08.05.2013 00:04:21.998 *DEBUG* [0:0:0:0:0:0:0:1 [1367951661979] GET /content/PhysicianServices/China/005-BMPortal/zh/cn/login-page.html?resource=%2Fcontent%2 FPhysicianServices%2FChina%2F005-BMPortal%2Fzh%2Fcn%2Feducation.html%3Fmlst%3Dguest1234&$$ login$$=%24%24login%24%24&j_reason=User+name+and+password+do+not+match HTTP/1.1] com.day.cq.auth.impl.SsoAuthenticationHandler forceAuthentication: Not forcing authentication because request parameter sling:authRequestLogin is not set