New Member
February 25, 2025
Solved

ACS error handler for AEM unauthorised pages


I want to display error messages for unauthorised users when accessing /crx/de or /system/console pages. I have set up the ACS error handler and it's working fine for pages in the website - 404 not found, etc. But how do I make this work for unauthorised users accessing AEM pages?
Thanks in advance for any advice. 

 


3 replies

kautuk_sahni
Community Manager
February 26, 2025

@arunpatidar @rohan_garg @sarav_prakash @anupampat @martin_ecx_io @stiegjo22 @tad_reeves @ravi_pampana @pcprof  could you take a look at this question and share your thoughts? Your input would be really helpful!

Kautuk Sahni
arunpatidar
Community Advisor
February 26, 2025
JyothiMo
Author
New Member
February 27, 2025

Hi @arunpatidar,

 

Thanks for the reply. 

I already have ErrorDocument added in my dispatcher vhost file. But still it's showing the default error messages for /crx/de and other console pages when accessed.

 

ErrorDocument 404 /error/404.html
ErrorDocument 500 /error/500.html
ErrorDocument 403 /error/403.html

Please suggest how to get this working for AEM console pages.

arunpatidar
Community Advisor
February 27, 2025

Hi @jyothimo 

Can you try debugging on the dispatcher? I can see that for a non-authorized user, /crx/de/ returns 404.

Arun Patidar
Rohan_Garg
Community Advisor
March 6, 2025

Hey @jyothimo,

  1. For dispatcher error handling, do you have DispatcherPassError enabled along with ErrorDocument?
  2. If you are unable to handle this at the dispatcher, you can probably use a Sling Filter to intercept requests, check if the user has access, and then redirect to a custom error page.
    Here's some sample code:
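    import java.io.IOException;
    import java.util.Arrays;

    import javax.servlet.Filter;
    import javax.servlet.FilterChain;
    import javax.servlet.FilterConfig;
    import javax.servlet.ServletException;
    import javax.servlet.ServletRequest;
    import javax.servlet.ServletResponse;
    import javax.servlet.http.HttpServletResponse;

    import org.apache.sling.api.SlingHttpServletRequest;
    import org.osgi.service.component.annotations.Component;

    // Registered as a request-scope Sling filter.
    @Component(service = Filter.class, immediate = true,
            property = {"sling.filter.scope=REQUEST"})
    public class AccessRestrictionFilter implements Filter {

        private static final String[] RESTRICTED_PATHS = {"/crx/de", "/system/console"};

        @Override
        public void init(FilterConfig filterConfig) {
            // Perform any initialization here, if necessary.
        }

        @Override
        public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
                throws IOException, ServletException {
            SlingHttpServletRequest slingRequest = (SlingHttpServletRequest) request;
            String requestPath = slingRequest.getRequestPathInfo().getResourcePath();

            // Check if the user is trying to access a restricted path or anything below it
            boolean restricted = Arrays.stream(RESTRICTED_PATHS)
                    .anyMatch(p -> requestPath.equals(p) || requestPath.startsWith(p + "/"));
            if (restricted && !hasPermission(slingRequest)) {
                ((HttpServletResponse) response).sendRedirect("/content/unauthorized.html");
                return;
            }

            // Proceed to the next filter in the chain if authorized
            chain.doFilter(request, response);
        }

        @Override
        public void destroy() {
            // Nothing to clean up.
        }

        private boolean hasPermission(SlingHttpServletRequest request) {
            // Implement the logic to check if the user has the appropriate permissions
            // You could check the request user, roles, etc.
            return false; // Change to true if the user has permissions
        }
    }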

Hope this helps!

Rohan Garg
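
An added example, not posted by anyone in this thread: a constructed vhost fragment showing DispatcherPassError set alongside the ErrorDocument lines quoted earlier. ServerName, DocumentRoot and the Directory block are placeholder assumptions.

```apache
# Constructed example vhost; host name and paths are placeholders.
<VirtualHost *:80>
    ServerName www.example.com
    DocumentRoot /var/www/html

    <Directory "/var/www/html">
        <IfModule disp_apache2.c>
            # Requests under the docroot are served through the dispatcher module.
            SetHandler dispatcher-handler
        </IfModule>
        Require all granted
    </Directory>

    <IfModule disp_apache2.c>
        # 0: the dispatcher relays the error body it received from AEM,
        #    so the ErrorDocument lines below are never consulted.
        # 1: responses with status >= 400 are handed to Apache,
        #    which then applies the matching ErrorDocument.
        DispatcherPassError 1
    </IfModule>

    # Each target must resolve to a file in the docroot or to a page the
    # dispatcher is allowed to fetch; otherwise Apache serves its built-in
    # error text instead.
    ErrorDocument 403 /error/403.html
    ErrorDocument 404 /error/404.html
    ErrorDocument 500 /error/500.html
</VirtualHost>
```

After a reload, `curl -i` against /crx/de and /system/console through the dispatcher shows which status code is returned and whether the custom page body is served.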

arunpatidar
Community Advisor
Accepted solution
March 6, 2025

Hi @rohan_garg 

I am not sure if the Sling filter will execute on the below paths.

private static final String[] RESTRICTED_PATHS = {"/crx/de", "/system/console"};

I had to implement a tricky solution for that

https://medium.com/@arunpatidar26/restrict-access-to-crxde-in-aem-08ad9f2934c2

Arun Patidar