Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
Bedrock Mission!

Learn more

View all

Sign in to view all badges

SOLVED

AEM 6.3 :: Contextaware configs object "caconfig" not working in publisher

krishna_chaita2
Level 3
Level 3

Hi Team,

In the Sightly we are using "caconfig" object to get the values defined in the Contextaware config's. We are using it like  caconfig['<propertyname>'].   This is working fine Author environment. But in Publisher it is not working.  Could you please let us know is there extra configuration we need to do to fix this. We are maintaining configurations under /conf node. We don't want to provide anonymous access to this folder.

Thanks

K Chaitanya

1 Accepted Solution
Jörg_Hoh
Correct answer by
Employee
Employee

Hi,

anonymous user needs to have read access to /conf on AEM; but the dispatcher should block any direct access to /conf. To go further with this, please allow anonymous to read /conf, just to confirm if that's the issue.

@Arun: The Sling Scripting bundle is using the sling-scripting service user to internally do stuff, but the rendering itself runs in the context of the user accessing the site (in case of publish: anonymous).

Jörg

View solution in original post

9 Replies
Jörg_Hoh
Employee
Employee

Make sure that the anonymous user has read permission on the /conf folder where you store this configuration.

krishna_chaita2
Level 3
Level 3

Hi Jörg Hoh

Thanks for the response. But I believe giving Anonymous access to /conf folder is not recommended.  With this, Any User can access the /conf folder. Could you please let us know alternative fix.

Thanks

Arun_Patidar
Community Advisor
Community Advisor

When you use sightly, sightly uses sling-scripting users.

So if you give sling-scripting user read permission to /conf folder, then you'll be able to read conf data from sightly.

Screen Shot 2018-06-06 at 10.44.51 AM.png

Thanks

Arun

krishna_chaita2
Level 3
Level 3

Hi Arun,

It is not working. Thanks for Response.

Thanks

Jörg_Hoh
Correct answer by
Employee
Employee

Hi,

anonymous user needs to have read access to /conf on AEM; but the dispatcher should block any direct access to /conf. To go further with this, please allow anonymous to read /conf, just to confirm if that's the issue.

@Arun: The Sling Scripting bundle is using the sling-scripting service user to internally do stuff, but the rendering itself runs in the context of the user accessing the site (in case of publish: anonymous).

Jörg

View solution in original post

Arun_Patidar
Community Advisor
Community Advisor

Hi Jorg

Yes, you are right. I tried with anonymous user after giving read permission, working fine.

giving permission to sling-scripting user won't resolve the issue. It was working for me because I was logged in as admin for changing permission.

krishna_chaita2
Level 3
Level 3

Hi Jorg,

It is working, If we give read access to Anonymous User. Primary Issue is resolved.

Also Getting 403/404 error, When we access /conf and it's subfolders from publisher/ dispatcher.  Could you please confirm, Out of the Box  access /conf folder restricted? Or still, we need to block the access to /conf folder from dispatcher ?.

Thanks

Jörg_Hoh
Employee
Employee

Hi,

just give it a try 🙂

And indeed it would be a good idea to prevent access to /conf also via dispatcher.

cheers,

Jörg

krishna_chaita2
Level 3
Level 3

Hi Jorg.

Issue Solved. Thank you so much.

Thanks