Hi Thanks for your answer... it all makes sense except for one small detail
If I try to follow the code this is my understanding: 1. SlingAuthenticator calls my AuthenticationHandler.authenticate 2. AuthenticationHandler.authenticate return null as no user is currently logged in 3. SlingAuthenticator will now call SlingAuthenticator.getAnonymousSession 4. SlingAuthenticator.getAnonymousSession will redirect to LoginServlet 5. LoginServlet will call AuthenticationHandler.login (via SlingAuthenticator) In step 5 my AuthenticationHandler can not get the original request uri that was requested by the user at 1 because of the redirect in step 4. One solution/hack in my AuthenticationHandler would be in step 2 to return incorrect credentials instead of returning null. This would force SlingAuthenticator to call handleLoginFailure and thus login on my AuthenticationHandler. However, this would mean that I "loose" the built-in support for anonymous users. The other solution would be for step 4 to actually call AuthenticationHandler.login directly (without a redirect). This might of course have some unwanted side-effects that I haven't thought of. Regards Magnus Johansson
