Restricitng the content access to authenticated user - Adobe CQ5/AEM

Restricting the content access to authenticated user - Adobe CQ5/AEM

By default anonymous user in Adobe Experience Manager(AEM) will have the read access to content, so the content can be accessed via dispatcher/publisher directly without providing any credential.

This blog will explain how to restrict the content access to only authenticated users via dispatcher(including cached content) and publisher.

Remove the access of Anonymous user for content node in publisher

Create a user sample1 in publisher and provide the read access for content node (Multiple users can be created based on the requirement)

Enabling basic authentication for different directories with different credentials in dispatcher - Adobe CQ5/AEM

Enabling basic authentication for different directories with different credentials in dispatcher - Adobe CQ5/AEM

Separate credential for two different directories:

Create the .httpaccess for different directories

htpasswd -c /etc/httpd/conf/dispatcher.htaccess <username>
htpasswd -c /etc/httpd/conf/dispatcher1.htaccess <username>

Add the below configuration in the httpd.conf

<LocationMatch ^/content/sample1*>
# unsets authorization header when sending request to AEM
RequestHeader unset Authorization
SetEnvIf Request_URI ^/content/sample1* auths=0
AuthName "Please login to access the site"
AuthType Basic
AuthUserFile /etc/httpd/conf/dispatcher.htaccess
# first, allow everybody
Order Allow,Deny
Satisfy any
Allow from all
Require valid-user
# then, deny only if required
Deny from env=auths
</LocationMatch>

<LocationMatch ^/content/sample2*>
# unsets authorization header when sending request to AEM
RequestHeader unset Authorization
SetEnvIf Request_URI ^/content/sample2* auths=1
AuthName "Please login to access the press release"
AuthType Basic
AuthUserFile /etc/httpd/conf/dispatcher1.htaccess
# first, allow everybody
Order Allow,Deny
Satisfy any
Allow from all
Require valid-user
# then, deny only if required
Deny from env=auths
</LocationMatch>

Restart the dispatcher

Now you will be able to access /content/sample1 and /content/sample2 with different credential

There is a another scenario, separate credential for particular directory and rest of all the directories will use the same credentials.

Create the .httpaccess for different directories

htpasswd -c /etc/httpd/conf/dispatcher.htaccess <username>
htpasswd -c /etc/httpd/conf/dispatcher1.htaccess <username>

<Location />
# unsets authorization header when sending request to AEM
RequestHeader unset Authorization
SetEnvIf Request_URI ^/content/* auths=1
SetEnvIf Request_URI ^/content/sample2* auths=0
AuthName "Please login to access the site"
AuthType Basic
AuthUserFile /etc/httpd/conf/dispatcher.htaccess
# first, allow everybody
Order Allow,Deny
Satisfy any
Allow from all
Require valid-user
# then, deny only if required
Deny from env=auths
</Location>

<LocationMatch ^/content/sample2*>
# unsets authorization header when sending request to AEM
RequestHeader unset Authorization
SetEnvIf Request_URI ^/content/sample2* auths=1
AuthName "Please login to access the press release"
AuthType Basic
AuthUserFile /etc/httpd/conf/dispatcher1.htaccess
# first, allow everybody
Order Allow,Deny
Satisfy any
Allow from all
Require valid-user
# then, deny only if required
Deny from env=auths
</LocationMatch>

Restart the server.

send-mail: fatal: open /etc/postfix/main.cf: No such file or directory - Linux

send-mail: fatal: open /etc/postfix/main.cf: No such file or directory - Linux

I was receiving the following exception "send-mail: fatal: open /etc/postfix/main.cf: No such file or directory" while trying to send the mail through cron job. But the main.cf file is available in the specified location /etc/postfix/main.cf.

I tried providing the complete permission to /etc/postfix/main.cf but this not resolved the issue.

Steps to fix the issue:

yum reinstall postfix

postfix stop
postfix start

Not able to access the siteadmin and useradmin pages - Adobe CQ5/AEM

Not able to access the siteadmin and useradmin pages - Adobe CQ5/AEM

We were not able to access the useradmin,siteadming and other website pages in one of our AEM/CQ5 publisher but was able to access the crxde and system console.

After analysis the issue is due to some of the bundles were stopped(100+), we tried to start those bundles manually without any luck.

The following was the exception in the log file.

11.01.2016 16:48:47.307 *ERROR* [FelixDispatchQueue] com.day.cq.collab.cq-collab-core FrameworkEvent ERROR (org.osgi.framework.BundleException: Unresolved constraint in bundle com.day.cq.collab.cq-collab-core [166]: Unable to resolve 166.0: missing requirement [166.0] osgi.wiring.package; (&(osgi.wiring.package=com.day.cq.collab.commons)(version>=0.0.0)(!(version>=5.7.0))) [caused by: Unable to resolve 165.0: missing requirement [165.0] osgi.wiring.package; (osgi.wiring.package=com.day.cq.wcm.api) [caused by: Unable to resolve 288.1: missing requirement [288.1] osgi.wiring.package; (osgi.wiring.package=com.day.cq.tagging) [caused by: Unable to resolve 218.1: missing requirement [218.1] osgi.wiring.package; (&(osgi.wiring.package=com.day.cq.search)(version>=1.1.0)(!(version>=2.0.0))) [caused by: Unable to resolve 209.1: missing requirement [209.1] osgi.wiring.package; (&(osgi.wiring.package=org.apache.abdera.ext.media)(version>=1.0.0)(!(version>=2.0.0)))]]]])

This error points to missing package of org.apache.abdera.ext.media and this belongs to the bundle - Abdera Extensions - Media.
After looking into the system console, the bundle is not there and it got uninstalled(not sure how it got uninstalled).

Follow the below steps to resolve the issue.

Identify the bundle id from another environment.

How to configure Caching algorithm for better performance in Hybris platform?

How to configure Caching algorithm for better performance in Hybris platform?

In local.properties file add/change the values of the following properties.

#Possible vales are FIFO(default), LRU and LFU. Default value is FIFO
cache.evictionpolicy=FIFO
#Possible vales are FIFO (default), LFU and LRU. Default value is FIFO
regioncache.entityregion.evictionpolicy=FIFO

#Possible vales are FIFO (default), LFU and LRU. Default value is FIFO
regioncache.typesystemregion.evictionpolicy=FIFO

#Possible vales are FIFO (default), LFU and LRU. Default value is FIFO
regioncache.querycacheregion.evictionpolicy=FIFO

Change the algorithm to either LFU or LRU based on your requirements for better performance.