Querying asset in CUG | Community
Skip to main content
Guglielmo_Francesconi
Guglielmo_Francesconi
Level 2
November 19, 2021

Querying asset in CUG

  • November 19, 2021
  • 3 replies
  • 2587 views

Hello,

 

I have the need to retrieve assets through GET calls, only if I'm logged in (reserved assets).

I've tried using the CUG, setting an user as a viewer then, when I've published the folder and also the asset, I try with Postman to access the resource with basic authentication (of course the user that is in the CUG settings of the folder) and I get a resource not found 404 error.

What is the correct process to retrieve those assets with a GET call?

 

Thank you,

 

Guglielmo

 

This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.

3 replies

Guglielmo_Francesconi
Guglielmo_FrancesconiAuthor
Level 2
November 19, 2021

Updating: 

the error is showing only through the dispatcher, as if I call the asset from the 2 publish instances with the correct basic authentication, the CUG configuration is working as expected. Anybody knows if there is a specific CUG configuration for the dispatchers ?

    arunpatidar
    Community Advisor
    arunpatidarCommunity Advisor
    Community Advisor
    November 19, 2021

    Hi,

    Please check https://experienceleague.adobe.com/docs/experience-manager-dispatcher/using/configuring/permissions-cache.html?lang=en to implement dispatcher changes in order to protect asset properly and with caching.

    Arun Patidar
      Guglielmo_Francesconi
      Guglielmo_FrancesconiAuthor
      Level 2
      November 23, 2021

      I'm not sure I've understood fully this guide, because I've implemented the servlet but if I try to call it with this URL :http://localhost:4502/bin/permissioncheck?uri=/content/dam/folder/reserved/image.jpg

      the response is :

      Method GET not supported

      Cannot serve request to /bin/permissioncheck in AuthcheckerServlet

       

      Even if I call the servlet from author or publish directly, it doesn't seem to work. 

      I've not used the org.apache.felix.scr.annotations, since they are deprecated, but instead i wrote this:

      @Component(service = Servlet.class, immediate = true,
          property = {
              SLING_SERVLET_PATHS + "=/bin/permissioncheck",
          })
      public class AuthcheckerServlet extends SlingSafeMethodsServlet {

       Could this be the error ? 

        arunpatidar
        Community Advisor
        arunpatidarCommunity Advisor
        Community Advisor
        November 23, 2021

        Hi,
        1. You have to create a servlet , that you already did.

        2. Update the /auth_checker section in the dispatcher file

        https://experienceleague.adobe.com/docs/experience-manager-dispatcher/using/configuring/permissions-cache.html?lang=en#example-configuration

        Arun Patidar
          Guglielmo_Francesconi
          Guglielmo_FrancesconiAuthor
          Level 2
          November 25, 2021

          I've managed to resolve the issue:

           

          • The custom authentication servlet was not being called due to a code error inside a custom 404 handler
          • The authentication servlet was not getting the basic authorization information due to "/clientheaders" section of the dispatcher farm not having the "Authorization" header

           

          Thank you @arunpatidar for all the support!

            arunpatidar
            Community Advisor
            arunpatidarCommunity Advisor
            Community Advisor
            November 27, 2021

            I am glad that finally it works for you.

            Arun Patidar
              Terms & ConditionsAccessibility statement

              Loading footer...