Chuyển đến nội dung chính

How to custom CQ Login Module

In order to manage the login process in our project, we will use a custom CQ Login Module.

We will admit the root URL of CQ instance is: http://localhost:4502/. This value may change depending of your environment.
The %CQ_HOME% variable we will mention refers to the CQ install path. It admits you have defined %CQ_HOME% as an environment variable.

1.        Update the repository definitions

The login module must be referenced in the repository definitions. You have to edit the next file: %CQ_HOME%/crx-quickstart/repository/repository.xml
Do a copy of repository.xml to repository.xml.original
In repostiory.xml, replace security part of repository.xml with following:

<Security appName="com.day.crx">
        <SecurityManager class="com.day.crx.core.CRXSecurityManager">
<WorkspaceAccessManager class="org.apache.jackrabbit.core.security.simple.SimpleWorkspaceAccessManager"/>
            <UserManager class="com.day.crx.core.CRXUserManagerImpl">
<param name="usersPath" value="/home/users"/>
<param name="groupsPath" value="/home/groups"/>
<param name="defaultDepth" value="1"/>
</UserManager>
        </SecurityManager>
        <AccessManager class="org.apache.jackrabbit.core.security.DefaultAccessManager"></AccessManager>
</Security>


rest of the file may remain unchanged.

2.        Configure JAAS

Firstly, we will add a configuration file to define login modules used by MyProject project. Create a new file in: %CQ_HOME%/crx-quickstart/conf/myproject.conf
Add in this file the code below:
com.day.crx {
     com.day.crx.core.CRXLoginModule sufficient;
     com.customlogin.myproject.authentication.LoginModule required;
};
Now we will update the startup script. Edit the file: %CQ_HOME%/crx-quickstart/bin/start
Make sure the CQ_USE_JAAS variable is defined and set to true
::* use jaas.config
if not defined CQ_USE_JAAS set CQ_USE_JAAS=true
Add (or replace) the following line:
::* config for jaas
if not defined CQ_JAAS_CONFIG set CQ_JAAS_CONFIG=%CQ_HOME%\crx-quickstart\conf\myproject.conf
Then add the following JVM parameter
if defined CQ_USE_JAAS        set CQ_JVM_OPTS=%CQ_JVM_OPTS% -Djava.security.auth.login.config=%CQ_JAAS_CONFIG%

NOTE: please run cq by start.bat (window)

3.        Install custom login module bundle

To install the custom login module, go to the bundles manager: http://localhost:4502/system/console/bundles
Click on the “Install/Update…” button to install a new bundle.
In the popup, configure “Start Level” to 15 and select the bundle to install: user-custom-login-[version].jar
Now, you have to restart your CQ instance. (The bundle must be present at startup time in order to be activated, so you must restart the CQ instance after uploading it.)

To verify that the custom login module is correctly installed, you can look at the authenticator manager: http://localhost:4502/system/console/slingauth










4.        Add generic user

All users will be logged into CQ as the same CQ user. Currently, the common user you have to configure in CQ is “genuser”.
To add it, go to user admin console: http://localhost:4502/useradmin and click on create > create user













Set “genuser” in all required fields. Note that the password will never be checked in CQ, because login module authenticates users from an external base.
Now you can try to authenticate you in CQ with MyProject login module. For test purpose, you can use the user: testing@gmail.com/password, stored in database.











5.        Use a custom login form

To use the custom MyCustom authentication, you have to send a request with following properties:
·         method = POST
·         action URI has to end with .../j_security_check. CQ will convey each request send to .../j_security_check to authentication handlers
·         parameters:
o   j_username: the username
o   j_password: the password
o   resource: the component the user tried to access
o   authenticationType: set it to “myproject-auth”
The code below gives you an example:

<form name="login" method="POST" id="login" action="/libs/granite/core/content/login.html/j_security_check" novalidate="novalidate">
                <input type="hidden" name="_charset_" value="UTF-8"/>
                <input type="hidden" name="resource" value="&#x2f;"/>
                <input type="hidden" name="authenticationType" value="myproject-auth"/>
                <p class="sign-in-title">Sign in</p>               
                <label for="username"><span>User name</span></label>
                <input id="username" name="j_username" type="email" autofocus="autofocus" pattern=".*" placeholder="User name" spellcheck="false" autocomplete="off"/><br/>
                <label for="password"><span>Password</span></label>
                <input id="password" name="j_password" type="password" placeholder="Password" spellcheck="false" autocomplete="off"/><br/>                   
                </div>
                <button type="submit" class="primary">Sign In</button>
            </form>
http://dev.day.com/docs/en/cq/current/core/deploying/custom-login-modules.html


Nhận xét

Đăng nhận xét

Bài đăng phổ biến từ blog này

[PERFORMANCE] Adobe WEM/CQ performance tuning

Adobe WEM/CQ performance tuning Contents Caching-related configurations CRX Bundle cache CRX Search index handler (Lucene) cache Tar PM index cache Scalability Maintenance Optimizing Tar Files (for Tar Persistence Manager) Data Store Garbage Collection Main documentation you should consult first: http://dev.day.com/docs/en/cq/current/deploying/performance.html http://dev.day.com/content/kb/home/cq5/CQ5Troubleshooting/performancetuningtips.html Caching-related configurations CRX Bundle cache CRX caches bundles, consisting of a node with all its properties. This is used by all bundle-based Persistence Managers. The default size of BundleCache is 8 MB. If this is too small it can cause an excessive number of read-accesses to the underlying persistence layer. Set the bundleCacheSize to something larger than the default. See more here: http://dev.day.com/docs/en/cq/current/deploying/performance.html#CRX%20Bundle%20Cache CRX Search index handler (Lucene...
Đăng nhận xét
Đọc thêm

[Query Builder] Advanced Search

Using the Advanced Search When using a list, select from the 'Build list using' options 'Advanced Search.' This will open a new tab in the list window with one text box labeled: 'Querybuilder Predicate Notation.' This is asking for a few lines of code to define search parameters. Example Code - With Explanations of Results Searching for Pages type=cq:Page property=jcr:content/jcr:title property.value=Places 'type' defines what sort of object you'll be searching for (it's usually a page). 'property' defines what property of the object you'll be filtering by; in this case, its by the title. 'property.value' defines your search term. So this search would be searching all PAGES with the TITLE of PLACES. So it would find every page titled Places. *IMPORTANT* Searches by title ARE case-sensitive, so 'Places' is not the same as 'places'. type=cq:Page path=/cq/sandbox property=jcr:cont...
Đăng nhận xét
Đọc thêm

[CQ6-SYSTEM] MAINTAINING THE REPOSITORY - Reduce repository size (cleanup repository)

Compacting Tar Files As data is never overwritten in a tar file, the disk usage increases even when only updating existing data. To make up for the growing size of the repository, AEM employs a garbage collection mechanism called Tar Compaction. The mechanism will reclaim disk space by removing obsolete data from the repository. Revision Clean Up By default, tar file compaction is automatically run each night between 2 am and 5 am. The automatic compaction can be triggered manually in the Operations Dashboard via a maintenance job called Revision Clean Up. To start Revision Clean Up you need to: Go to the AEM Welcome Screen. In the main AEM window, go to Tools - Operations - Dashboard - Maintenance or directly browse to http://localhost:4502/libs/granite/operations/content/maintenance.html Click on Daily Maintenance Window. Hover over the Revision Clean Up window and press the Start button. The icon will turn orange to indicate that the Revision Clean Up ...
Đăng nhận xét
Đọc thêm