How to change the default authenticator in CQ5



While working with a colleague a few weeks ago, we ran into an interesting challenge with the site he was buillding in CQ5. This new site required a login page that needed to match a specific style. What we kept seeing the default Geometrixx-styled authenticator would be displayed. Now, we could have used our css file to override the look of the default authenticator. But we needed to add additional elements to the authentication page and wanted to manage the changes within the /app tree.

After some digging, I found that the authenticator hendler setting is not where I expected it to be (as part of the JCR properties of the site), it’s a sling:OsgiConfig propery located within the /libs tree. The full path is:


Note that we are pointing to the config.publish. This change will affect your publish instance. There is also a node at the same level. You can modify both to maintain identical settings for both instances. The property name is auth.logonselector.defaultloginpage. You can change its value to point to the login handler you have designed. Just be aware that this is a system-wide setting. Therefore your new login handler component will now be the default for all sites on your instance.

Here is a screenshot to visualize where this setting can be found.

Comments Closed

2 Responses to How to change the default authenticator in CQ5

  1. It should be said that this and all config settings such as this, can be made in the same structure but under the /apps structure, so it doesn’t get blown away in upgrades, and is package-able / bundle-able with the rest of your modifications.

  2. Vineet says:

    Even we were also facing this issue and came to know that we can change the value of default login page from felix console (as you also pointed out).
    Now, the next question is if you have two sites hosted on your CQ instance and want to have two different login pages, then how to configure them.
    I tried to look into it but till now I am not able to find out the code piece which is redirecting the user on this default login page if user credentials are wrongly entered.
    Do you have any idea??