Monday, February 8, 2016

Enabling basic authentication for different directories with different credentials in dispatcher - Adobe CQ5/AEM

Enabling basic authentication for different directories with different credentials in dispatcher - Adobe CQ5/AEM

Separate credential for two different directories:

Create the .httpaccess for different directories

htpasswd -c /etc/httpd/conf/dispatcher.htaccess <username>
htpasswd -c /etc/httpd/conf/dispatcher1.htaccess <username>

Add the below configuration in the httpd.conf

<LocationMatch ^/content/sample1*>
# unsets authorization header when sending request to AEM
RequestHeader unset Authorization
SetEnvIf Request_URI ^/content/sample1* auths=0
AuthName "Please login to access the site"
AuthType Basic
AuthUserFile /etc/httpd/conf/dispatcher.htaccess
# first, allow everybody
Order Allow,Deny
Satisfy any
Allow from all
Require valid-user
# then, deny only if required
Deny from env=auths
</LocationMatch>

<LocationMatch ^/content/sample2*>
# unsets authorization header when sending request to AEM
RequestHeader unset Authorization
SetEnvIf Request_URI ^/content/sample2* auths=1
AuthName "Please login to access the press release"
AuthType Basic
AuthUserFile /etc/httpd/conf/dispatcher1.htaccess
# first, allow everybody
Order Allow,Deny
Satisfy any
Allow from all
Require valid-user
# then, deny only if required
Deny from env=auths
</LocationMatch>

Restart the dispatcher

Now you will be able to access /content/sample1 and /content/sample2 with different credential

There is a another scenario, separate credential for particular directory and rest of all the directories will use the same credentials.

Create the .httpaccess for different directories

htpasswd -c /etc/httpd/conf/dispatcher.htaccess <username>
htpasswd -c /etc/httpd/conf/dispatcher1.htaccess <username>

<Location />
# unsets authorization header when sending request to AEM
RequestHeader unset Authorization
SetEnvIf Request_URI ^/content/* auths=1
SetEnvIf Request_URI ^/content/sample2* auths=0
AuthName "Please login to access the site"
AuthType Basic
AuthUserFile /etc/httpd/conf/dispatcher.htaccess
# first, allow everybody
Order Allow,Deny
Satisfy any
Allow from all
Require valid-user
# then, deny only if required
Deny from env=auths
</Location>

<LocationMatch ^/content/sample2*>
# unsets authorization header when sending request to AEM
RequestHeader unset Authorization
SetEnvIf Request_URI ^/content/sample2* auths=1
AuthName "Please login to access the press release"
AuthType Basic
AuthUserFile /etc/httpd/conf/dispatcher1.htaccess
# first, allow everybody
Order Allow,Deny
Satisfy any
Allow from all
Require valid-user
# then, deny only if required
Deny from env=auths
</LocationMatch>

Restart the server.

No comments:

Post a Comment