Expand my Community achievements bar.

Guidelines for the Responsible Use of Generative AI in the Experience Cloud Community.

AEM 6.5 Allow anonymous access

Avatar

Level 2

Hi everyone,

I'm currently facing an issue on AEM 6.5 version. Eveerything is working fine on AEM 6.2 and i'm not able to find why it's not working on 6.5.

We have implemented a custom behavior for the native aem projects : we generate an anonymous link which should allow users to access projects without being logged.

The anonymous link looks like this : http://[server:port]/assets.html/content/dam/projects/anonymous-folders/projectname/0073f00c-26b7-4a...

I updated the Sling Authentication service and set : -/assets.html/content/dam/projects/anonymous-folders

The allow anonymous access checkbox is check.

About permission, anonymous user has same permissions as 6.2 :

       - path: /content/dam/projects/anonymous-folders

         permission: allow

         privileges: jcr:read

         restrictions:

           rep:glob: ''

       - path: /content/dam/projects/anonymous-folders

         permission: allow

         privileges: jcr:read,jcr:lockManagement,jcr:modifyAccessControl,jcr:readAccessControl,jcr:versionManagement,rep:write

         restrictions:

           rep:glob: '/*'

The only point which is different between 6.2 and 6.5 is in the sling authenticator configuration we have 2 new fields :

osgi.http.whiteboard.context.select.name

osgi.http.whiteboard.listener.name

I let the default values which are (osgi.http.whiteboard.context.name=*) and true (but I tried with false too )

When I try to access the anonymous project url, I'm able to see the page for 1 seconds and then i'm redirected on the login page with this in log :

org.apache.sling.auth.core.impl.SlingAuthenticator getAnonymousResolver: Anonymous access not allowed by configuration - requesting credentials

I really don't understand why the anonymous access is not allowed

Could somebody help me on this please ?

Many thanks,

Emilie

7 Replies

Avatar

Community Advisor

Hi,

Could you please try to add your path with minus e.g. (-/content/dam/projects/anonymous-folders) in Authentication Requirements

at http://localhost:4504/system/console/configMgr/org.apache.sling.engine.impl.auth.SlingAuthenticator



Arun Patidar

Avatar

Level 2

Hi Arun,

Thx for your answer.

When I update the authentication service with -/content/dam/projects/anonymous-folders, I still got the "Anonymous access not allowed by configuration - requesting credentials".

When I'm trying to access http://[server:port]/assets.html/content/dam/projects/anonymous-folders/projectname/0073f0 0c-26b7-4..., I'm automatically redirect to http://localhost:4502/libs/granite/core/content/login.html

If I keep the -/assets.html/content/dam/projects/anonymous-folders, I stay on this url http://[server:port]/assets.html/content/dam/projects/anonymous-folders/projectname/0073f0 0c-26b7-4...

In fact, my first post is incorrect, i'm not "redirect" to the login page as my url is not updated and it's displaying me the login form.

I have this for one second :

1809528_pastedImage_2.png

Then this :

1809527_pastedImage_1.png

With your suggestion update, I get this :

1809529_pastedImage_4.png

Avatar

Community Advisor

Hi,

After adding -/assets.html/content/dam/we-retail/en/activities/hiking

and giving anonymous user read permission at

/content/dam/we-retail/en/activities/hiking

/libs/dam/gui/content/assets

I can access the /assets.html/content/dam/we-retail/en/activities/hiking without login, though I am facing am getting other erroe due to insufficuient permission or other changes may be, not sure though.



Arun Patidar

Avatar

Level 4

Have you tried checking the "Allow anonymous" in Apache Sling Authentication Service

Avatar

Level 2

Yes, the allow anonymous access checkbox is check.

Avatar

Level 4

Have you tried the steps that Arun mentioned on a different project folder. If not can you pls try that

Avatar

Level 2

Yep I'm at the same point as Arun with this :

I'm ok on all this step but still can't access to my url ... I need to understand why the login page is displayed. Maybe oit's my template which is not good ...