We are trying to implement SSO.
Customer has application which provides authentication based on cookies.
Below is the requirement.
When user tries to login to CQ.
Cq has to check for the cookie.
If this cookie is available in the request then CQ has to validate the cookie.
Cookie validation is done by calling cust application with cookie data as request parameter (We need to make call to the url with some parameters)
It will return some response code. If the response code is success then we need to allow the user. If response code is failure we need to show some with Failure info.
If the cookie is not available in the request then we need to redirect to cust application.
This cust application will ask for user creadentials (through the form).
Once user enters credentials cust appication will redirect to cq with the cookie which we are expecting. (we can configure redirect path of cq in cust application)
which is the best approach for implementing this. I can see AuthenticationHandler or SSO Handler. Which one we need to customize.
Retrieving data ...