Wednesday, February 10, 2016

Restricitng the content access to authenticated user - Adobe CQ5/AEM

Restricting the content access to authenticated user - Adobe CQ5/AEM

By default anonymous user in Adobe Experience Manager(AEM) will have the read access to content, so the content can be accessed via dispatcher/publisher directly without providing any credential.

This blog will explain how to restrict the content access to only authenticated users via dispatcher(including cached content) and publisher.

Remove the access of Anonymous user for content node in publisher

Create a user sample1 in publisher and provide the read access for content node (Multiple users can be created based on the requirement)

Enable the authentication in dispatcher

Execute the below command to create the password file and add the user - htpasswd -c /etc/httpd/conf/dispatcher.htaccess sample1 (enter the same password used in the publisher for sample1)

Command to add the users to the existing password file - htpasswd /etc/httpd/conf/dispatcher.htaccess sample2 (Multiple users can be created as per requirement, make sure the users are also created in publisher with same credentials)

Add the below configurations in httpd.conf file

AuthType Basic
AuthName "Restricted Files"
AuthUserFile /etc/httpd/conf/dispatcher.htaccess
Require valid-user

 Make sure the below mentioned line is commented out in httpd.conf file

 #RequestHeader unset Authorization

 Securing the cached content:

 Refer the following Adobe blog to enable the same -

 Make sure you are merging the existing /filter section with /auth_checker -/filter section in dispatcher.any file.

1 comment: