Hi I'm very new to sling so please forgive me if this is a stupid question.
I'm trying to implement form based authentication as an alternative to http basic Authentication. As far as I understand SlingAuthenticator will redirect to /system/sling/login if the user is not yet logged in and anonymous access is not enabled. The LoginServlet will then call login on the AuthenticationHandler (via SlingAuthenticator). This causes some problems for me where I want a successful authenticaton to redirect the user back to the original page he tried to access. When the login method on my AuthenticationHandler is called there is no way to get the original uri, as the user has just been redirected to /system/sling/login My question is thus, why does SlingAuthenticator redirect to the LoginServlet instead of just calling login on the appropriate AuthenticationHandler (this is what LoginServlet does anyway). If this was the case I could easily temporarily store the original uri in a cookie, session or similar to be able to redirect the user back after a successful authentication. Another question related to implementing alternate authentication methods. Is it possible to register servlets (under /system/sling for instance) that does not require the user to be authenticated even if anonymous access on SlingAuthenticator is disabled. Regards Magnus Johansson
