Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
Bedrock Mission!

Learn more

View all

Sign in to view all badges

SOLVED

AEM Author - SAML integration - Disabling CRXDE access

pankajrohira
Level 2
Level 2

We have recently configured Author instance with SAML. The "Path" parameter is specified as "/" Root - (repository path for which this authentication handler should be used by Sling). The integration is working just fine. However when we are hitting "/crx/de/index.jsp" as anonymous user we are able to get to it. Shouldn't hitting CRXDE go to SSO login page too because Path parameter is configured as root.

Thanks.

1 Accepted Solution
Jörg_Hoh
Correct answer by
Employee
Employee

CRX DE Lite is not covered by Sling Security, it is a servlet configured outside of sling. Therefor you cannot use the security model of the repository itself to disallow access to /crx/de/index.jsp. The only way are dispatcher rules or webserver rules.

Jörg

View solution in original post

2 Replies
Jörg_Hoh
Correct answer by
Employee
Employee

CRX DE Lite is not covered by Sling Security, it is a servlet configured outside of sling. Therefor you cannot use the security model of the repository itself to disallow access to /crx/de/index.jsp. The only way are dispatcher rules or webserver rules.

Jörg

pankajrohira
Level 2
Level 2

Thank you, I was under the same impression.