Expand my Community achievements bar.

SOLVED

AEM Author - SAML integration - Disabling CRXDE access

Avatar

Level 2

We have recently configured Author instance with SAML. The "Path" parameter is specified as "/" Root - (repository path for which this authentication handler should be used by Sling). The integration is working just fine. However when we are hitting "/crx/de/index.jsp" as anonymous user we are able to get to it. Shouldn't hitting CRXDE go to SSO login page too because Path parameter is configured as root.

Thanks.

1 Accepted Solution

Avatar

Correct answer by
Employee Advisor

CRX DE Lite is not covered by Sling Security, it is a servlet configured outside of sling. Therefor you cannot use the security model of the repository itself to disallow access to /crx/de/index.jsp. The only way are dispatcher rules or webserver rules.

Jörg

View solution in original post

2 Replies

Avatar

Correct answer by
Employee Advisor

CRX DE Lite is not covered by Sling Security, it is a servlet configured outside of sling. Therefor you cannot use the security model of the repository itself to disallow access to /crx/de/index.jsp. The only way are dispatcher rules or webserver rules.

Jörg

Avatar

Level 2

Thank you, I was under the same impression.