Expand my Community achievements bar.

SOLVED

AEM 6.3 :: Contextaware configs object "caconfig" not working in publisher

Avatar

Level 4

Hi Team,

In the Sightly we are using "caconfig" object to get the values defined in the Contextaware config's. We are using it like  caconfig['<propertyname>'].   This is working fine Author environment. But in Publisher it is not working.  Could you please let us know is there extra configuration we need to do to fix this. We are maintaining configurations under /conf node. We don't want to provide anonymous access to this folder.

Thanks

K Chaitanya

1 Accepted Solution

Avatar

Correct answer by
Employee Advisor

Hi,

anonymous user needs to have read access to /conf on AEM; but the dispatcher should block any direct access to /conf. To go further with this, please allow anonymous to read /conf, just to confirm if that's the issue.

@Arun: The Sling Scripting bundle is using the sling-scripting service user to internally do stuff, but the rendering itself runs in the context of the user accessing the site (in case of publish: anonymous).

Jörg

View solution in original post

9 Replies

Avatar

Employee Advisor

Make sure that the anonymous user has read permission on the /conf folder where you store this configuration.

Avatar

Level 4

Hi Jörg Hoh

Thanks for the response. But I believe giving Anonymous access to /conf folder is not recommended.  With this, Any User can access the /conf folder. Could you please let us know alternative fix.

Thanks

Avatar

Community Advisor

When you use sightly, sightly uses sling-scripting users.

So if you give sling-scripting user read permission to /conf folder, then you'll be able to read conf data from sightly.

Screen Shot 2018-06-06 at 10.44.51 AM.png

Thanks

Arun



Arun Patidar

Avatar

Level 4

Hi Arun,

It is not working. Thanks for Response.

Thanks

Avatar

Correct answer by
Employee Advisor

Hi,

anonymous user needs to have read access to /conf on AEM; but the dispatcher should block any direct access to /conf. To go further with this, please allow anonymous to read /conf, just to confirm if that's the issue.

@Arun: The Sling Scripting bundle is using the sling-scripting service user to internally do stuff, but the rendering itself runs in the context of the user accessing the site (in case of publish: anonymous).

Jörg

Avatar

Community Advisor

Hi Jorg

Yes, you are right. I tried with anonymous user after giving read permission, working fine.

giving permission to sling-scripting user won't resolve the issue. It was working for me because I was logged in as admin for changing permission.



Arun Patidar

Avatar

Level 4

Hi Jorg,

It is working, If we give read access to Anonymous User. Primary Issue is resolved.

Also Getting 403/404 error, When we access /conf and it's subfolders from publisher/ dispatcher.  Could you please confirm, Out of the Box  access /conf folder restricted? Or still, we need to block the access to /conf folder from dispatcher ?.

Thanks

Avatar

Employee Advisor

Hi,

just give it a try :-)

And indeed it would be a good idea to prevent access to /conf also via dispatcher.

cheers,

Jörg

Avatar

Level 4

Hi Jorg.

Issue Solved. Thank you so much.

Thanks