Expand my Community achievements bar.

Don’t miss the AEM Skill Exchange in SF on Nov 14—hear from industry leaders, learn best practices, and enhance your AEM strategy with practical tips.
Read More & Register today!
SOLVED

AEMAaCS | Bypass SSO authentication for certain user agents

Avatar

Level 2
Level 2
9/28/22 6:43:03 AM

Hi Folks,

 

I am using AzureAD/AEM SAML for SSO user authentication.

It is working as expected. We have coveo agent/connector which need to access sitemap page for that we need to skip SSO authentication. 

 

Coveo agent trying to access sitemap page form dispatcher url. For this SSO authentication need to bypass.

 

I tried adding user agents in Apache Sling Referrer Filter

Exclude Regexp User Agent to skip this authntication if request comes from these agents.

Still no luck.

 

Could you guys please help me on this.

 

Appreciate your help.

 

Thanks,

Pradeep

Views

792

Replies

5
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Community Advisor
Community Advisor
4/24/24 4:08:11 AM

Please use the token-based authentication for restricted content. For details, please refer to https://experienceleague.adobe.com/en/docs/experience-manager-learn/getting-started-with-aem-headles....

Aanchal Sikka

View solution in original post

Views

289

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
5 Replies

Avatar

Employee Advisor
Employee Advisor
10/3/22 11:10:55 AM

Please disregard this approach, as a header of a HTTP request can be changed very easily.

 

Instead I would configure the authentication not to require authentication when accessing these sitemaps.

Views

772

Replies

2
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 2
Level 2
10/3/22 11:13:45 PM
In response to Jörg_Hoh

We need to access entire site from coveo agent without authentication, not only site map page.

Any suggestions highly appreciated. 

 

Thanks,

Pradeep

Views

768

Replies

1
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Employee Advisor
Employee Advisor
10/6/22 12:16:18 PM
In response to pradeepdubey

Can't Coveo use authentication for access as well? 

Views

760

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Correct answer by
Community Advisor
Community Advisor
4/24/24 4:08:11 AM

Please use the token-based authentication for restricted content. For details, please refer to https://experienceleague.adobe.com/en/docs/experience-manager-learn/getting-started-with-aem-headles....

Aanchal Sikka

Views

290

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply

Avatar

Administrator
Administrator
5/16/24 4:56:14 AM

@pradeepdubey Did you find the suggestions from users helpful? Please let us know if more information is required. Otherwise, please mark the answer as correct for posterity. If you have found out solution yourself, please share it with the community.



Kautuk Sahni

Views

251

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Related Conversations
I want to disable the delete copy move and all the other options for the child components Solved

Views

114

Likes

0

Replies

5
how to implement nonce for Content-Security-Policy script-src directive in dispatcher

Views

51

Likes

0

Replies

1
Ability to preview or thumbnail to preview for XF

Views

64

Likes

0

Replies

2
AEM session management and user access

Views

68

Likes

0

Replies

2
Tips Needed for Adobe AD0-E126 Exam Preparation

Views

394

Likes

0

Replies

3