Intercepting j_username, j_password for server side password validations

Question

Hi,

My use case is such that I need to allow users to login (authenticated via j_security) , post which I need to identify if passwords are weak and make users change them.

Is there any API that allows decrypted user password to be fetched from JCR ? Or any other idea how this can be achieved.

kautuk_sahni · Accepted Answer

HiPlease have a look at this Adobe community GEM sessionLink:-https://communities.adobe.com/content/dam/cush/aem_technologistsdevelopersarchitects/AEMTechnologistsAsktheExpertsFeb2105.mp4.form.html/content/cush/en/communities/aem_technologistsdevelopersarchitects/resources/internal-video-detail// This will walk youthrough a presentation and demo on developing secure AEM web sites that require user authentication. This session will provide you with a deeper understanding of how to build AEM secure web site by using Sling technology.~kautuk

Ashwin_Raju · Answer

Please refer tohttps://docs.adobe.com/docs/en/spec/jsr170/javadocs/jcr-1.0/javax/jcr/SimpleCredentials.html#getPassword()Also -http://www.programcreek.com/java-api-examples/index.php?api=javax.jcr.SimpleCredentialsPlease revert if my response didn't help or mark answered if it helped!Regards,Ashwin Raju

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded