Expand my Community achievements bar.

SOLVED

AEM Author - SAML integration - Disabling CRXDE access

Avatar

Level 2
Level 2
2/22/18 7:30:34 AM

We have recently configured Author instance with SAML. The "Path" parameter is specified as "/" Root - (repository path for which this authentication handler should be used by Sling). The integration is working just fine. However when we are hitting "/crx/de/index.jsp" as anonymous user we are able to get to it. Shouldn't hitting CRXDE go to SSO login page too because Path parameter is configured as root.

Thanks.

Views

1.5K

Replies

2
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Employee Advisor
Employee Advisor
2/22/18 9:31:53 AM

CRX DE Lite is not covered by Sling Security, it is a servlet configured outside of sling. Therefor you cannot use the security model of the repository itself to disallow access to /crx/de/index.jsp. The only way are dispatcher rules or webserver rules.

Jörg

View solution in original post

Views

992

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
2 Replies

Avatar

Correct answer by
Employee Advisor
Employee Advisor
2/22/18 9:31:53 AM

CRX DE Lite is not covered by Sling Security, it is a servlet configured outside of sling. Therefor you cannot use the security model of the repository itself to disallow access to /crx/de/index.jsp. The only way are dispatcher rules or webserver rules.

Jörg

Views

993

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply

Avatar

Level 2
Level 2
2/22/18 9:38:48 AM

Thank you, I was under the same impression.

Views

1.2K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate