Adobe Experience Manager Sites & More

pankajrohira · 2/22/18

We have recently configured Author instance with SAML. The "Path" parameter is specified as "/" Root - (repository path for which this authentication handler should be used by Sling). The integration is working just fine. However when we are hitting "/crx/de/index.jsp" as anonymous user we are able to get to it. Shouldn't hitting CRXDE go to SSO login page too because Path parameter is configured as root.

Thanks.

Jörg_Hoh · 2/22/18

CRX DE Lite is not covered by Sling Security, it is a servlet configured outside of sling. Therefor you cannot use the security model of the repository itself to disallow access to /crx/de/index.jsp. The only way are dispatcher rules or webserver rules.

Jörg

View solution in original post

Jörg_Hoh · 2/22/18

CRX DE Lite is not covered by Sling Security, it is a servlet configured outside of sling. Therefor you cannot use the security model of the repository itself to disallow access to /crx/de/index.jsp. The only way are dispatcher rules or webserver rules.

Jörg

pankajrohira · 2/22/18

Thank you, I was under the same impression.

Adobe Experience Manager Sites & More

AEM Author - SAML integration - Disabling CRXDE access

Learn

Documentation

Community

Support

Resources

Adobe account

Adobe