Expand my Community achievements bar.

SOLVED

Adding apache basic auth for a path in content hierarchy(one subdomain)

Avatar

Level 5

 

 

Hi All,

how could we add basic authentication in apache for a particular subdomain- there by requiring requests to a content path allowed with authentication credentials?

 

thanks in advance for your help or direction.

1 Accepted Solution

Avatar

Correct answer by
Community Advisor

You can create the .htaccess file in your local. Add the username into the file and the file looks like :

username:password (password in encrypted format).

 

Regards,

Raja

View solution in original post

6 Replies

Avatar

Community Advisor

Hey Kent,

 

If you are looking for a particular subdomain you can set auth requirement in the specific vhost as well.

 

Regards,

Peter

Avatar

Community Advisor

@asn11 Please follow the below steps to handle the authentication in domain level:

1.Create a file dispatcher.htaccess in dispatcher.
2.Create the users to access the password protected domain:
htpasswd -c /etc/httpd/conf.d/dispatcher.htaccess <user>

Enter the password (twice)
3.Add the following configurations to your virtual host to handle the authentication:

<Location />
## unsets authorization header when sending request to AEM
RequestHeader unset Authorization
Deny from all
#Allow from (Set IP to allow access without password)
AuthUserFile /etc/httpd/conf.d/dispatcher.htaccess
AuthName "Authentication Required"
AuthType Basic
Satisfy Any
require valid-user
</Location>


4.Check the syntax -> httpd -t

5.Restart the dispatcher.

6. Access the domain whether you are getting the authentication pop-up.

 

OR

 

You can configure the below configuration in your dispatcher.conf file to handle particular content path:

# unsets authorization header when sending request to AEM
RequestHeader unset Authorization
SetEnvIf Request_URI ^/content/xyz* auth=1
AuthType Basic
AuthUserFile /etc/httpd/conf.d/dispatcher.htaccess
# first, allow everybody
Order Allow,Deny
Satisfy any
Allow from all
Require valid-user
# then, deny only if required
Deny from env=auth

 

Regards,

Raja

Avatar

Level 5

@Raja-kp thanks for the answer. a followup question, how can I create user interactively as you mentioned with htpasswd command in case of aem as cloud where we cant access dispatcher server and configuration is done via code deployment?

Avatar

Correct answer by
Community Advisor

You can create the .htaccess file in your local. Add the username into the file and the file looks like :

username:password (password in encrypted format).

 

Regards,

Raja

Avatar

Community Advisor

What type of encription you mean? can you please show an example?