Change the order of evaluation for authentication

Last update: 2023-05-03
  • Created for:
  • User

AEM 6.4 has reached the end of extended support and this documentation is no longer updated. For further details, see our technical support periods. Find the supported versions here.

If you configured multiple authentication providers, you can change the order in which AEM forms evaluates them for authentication. The order of the authentication providers that are listed in the config.xml file determines the order of evaluation for authentication.

  1. In administration console, click Settings > User Management > Configuration > Import And Export Configuration Files.

  2. To export the current configuration setting to a file, click Export and save the configuration file in another location.

  3. Find the following node in the file:

     <node name="AuthSchemes">
         <map />
             <node name="CertificateAuth">
                     <entry key="order" value="3" />
                     <entry key="name" value="edc.server.auth.scheme.certificate" />
         <node name="Kerberos">
                 <entry key="kerberosSPN" value="defaultSPN" />
                 <entry key="order" value="1" />
                 <entry key="name" value="edc.server.auth.scheme.kerberos" />

    In <entry key="order" value="3" />, edit the value for each node to set the order of the authentication evaluation.

  4. To import the updated file, in User Management, click Configuration > Import And Export Configuration Files.

  5. Click Browse to find the file, click Import, and then click OK.

On this page