AEM 6.2 does not come with the access to /etc folder for anonymous user. Dispatcher connects to publisher as an anonymous user. Instead of changing the access on each user's aem, I am wondering if there is a curl command we can use to edit the anonymous users access to allow read access for /etc folder.
We tried few commands but none of these seem to work -
curl admin:admin -FprincipalId=anonymous -X POST --data-urlencode "changelog=path:/etc,read:true,modify:false,create:false,delete:false,acl_read:false,acl_edit:false,replicate:false" http://localhost:4503/.cqactions.htm
curl -u admin:admin -FprincipalId=anonymous -Fprivilege@jcr:all=granted http://localhost:4503/etc.modifyAce.html
Does anyone have any idea how we can achieve?
solution proposed in Anonymous read access to entire /etc is now removed. So we need to give read permission to all requi... will require each developer in the team to do it, but we wanted if it could be achieved through curl command as we are working for setting the AEM env using Docker.
Solved! Go to Solution.
Sharm, It looks to me you're pretty close with the CURL command you have only need a couple of changes:
1) I'm using AEM6.3 so I reference "authorizableId" instead of "principalId". To take a look at the actual parameters you have to use in your command, you can log into useradmin console (http://localhost:4502/useradmin ) open developer tools from browser (F12), access network tab and take a look at parameters.
curl -u admin:admin -FauthorizableId=anonymous -Fchangelog="path:/etc,read:true,modify:false,create:false,delete:false,acl_read:false,t:false,replicate:false" http://localhost:4503/.cqactions.html
2) curl command won't work OOTB due to Cross Site Forgery Request prevention. You'll need to configure "Adobe Granite CSRF Filter" and add "curl" as a safe user agent.
Sharm, It looks to me you're pretty close with the CURL command you have only need a couple of changes:
1) I'm using AEM6.3 so I reference "authorizableId" instead of "principalId". To take a look at the actual parameters you have to use in your command, you can log into useradmin console (http://localhost:4502/useradmin ) open developer tools from browser (F12), access network tab and take a look at parameters.
curl -u admin:admin -FauthorizableId=anonymous -Fchangelog="path:/etc,read:true,modify:false,create:false,delete:false,acl_read:false,t:false,replicate:false" http://localhost:4503/.cqactions.html
2) curl command won't work OOTB due to Cross Site Forgery Request prevention. You'll need to configure "Adobe Granite CSRF Filter" and add "curl" as a safe user agent.
Thank you very much. It seems to have worked . I did not have to do the #2 updates for Adobe Granite CSRF Filter as OOTB it was allowed (may be it is the case in AEM 6.2).
Views
Replies
Total Likes
Views
Likes
Replies
Views
Likes
Replies