
anonymous user access to /etc using curl

  • February 19, 2018

AEM 6.2 does not come with access to the /etc folder for the anonymous user. Dispatcher connects to the publisher as an anonymous user. Instead of changing the access on each user's AEM, I am wondering if there is a curl command we can use to edit the anonymous user's access to allow read access for the /etc folder.

We tried a few commands but none of these seem to work:

curl admin:admin -FprincipalId=anonymous -X POST --data-urlencode "changelog=path:/etc,read:true,modify:false,create:false,delete:false,acl_read:false,acl_edit:false,replicate:false" http://localhost:4503/.cqactions.htm

curl -u admin:admin -FprincipalId=anonymous -Fprivilege@jcr:all=granted http://localhost:4503/etc.modifyAce.html

Does anyone have any idea how we can achieve this?

The solution proposed in "Anonymous read access to entire /etc is now removed. So we need to give read permission to all required nodes under /etc…" will require each developer in the team to do it, but we wanted to know if it could be achieved through a curl command, as we are setting up the AEM env using Docker.

Julio_Tobar
Accepted solution
Level 3
February 20, 2018

Sharm, it looks to me like you're pretty close with the curl command you have; you only need a couple of changes:

1) I'm using AEM 6.3, so I reference "authorizableId" instead of "principalId". To take a look at the actual parameters you have to use in your command, you can log into the useradmin console (http://localhost:4502/useradmin), open developer tools from the browser (F12), access the network tab and take a look at the parameters.

curl -u admin:admin -FauthorizableId=anonymous -Fchangelog="path:/etc,read:true,modify:false,create:false,delete:false,acl_read:false,acl_edit:false,replicate:false" http://localhost:4503/.cqactions.html

2) curl command won't work OOTB due to Cross Site Forgery Request prevention. You'll need to configure "Adobe Granite CSRF Filter" and add "curl" as a safe user agent.

vsharm
Author
Level 4
February 20, 2018

Thank you very much. It seems to have worked. I did not have to do the #2 updates for the Adobe Granite CSRF Filter, as OOTB it was allowed (maybe that is the case in AEM 6.2).
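
A guard for the provisioning step discussed in this thread, as an added example that is not part of the original posts: it checks that a changelog string gives the anonymous user nothing beyond read under /etc before it is sent. The changelog grammar is assumed from the commands shown in the thread; the function names and the AEM_URL, AEM_USER and AEM_PASS variables are hypothetical.

```sh
# Added example, not from the thread. Assumes the changelog is a comma-separated
# list of key:value pairs, as in the commands posted above.

# Succeeds only if the changelog targets /etc (or a node under it), sets
# read:true, and sets every other listed privilege to false.
# The function body is a subshell, so IFS, set -f and exit stay local to it.
validate_anon_changelog() (
  set -f                      # no glob expansion while splitting on commas
  IFS=','
  path="" read_flag=""
  for pair in $1; do
    key=${pair%%:*}
    val=${pair#*:}
    case $key in
      path) path=$val ;;
      read) read_flag=$val ;;
      modify|create|delete|acl_read|acl_edit|replicate)
        [ "$val" = false ] || { echo "refusing $key:$val for anonymous" >&2; exit 1; } ;;
      *) echo "refusing unknown field: $pair" >&2; exit 1 ;;
    esac
  done
  case $path in
    *..*) echo "refusing path containing '..': $path" >&2; exit 1 ;;
    /etc|/etc/*) ;;
    *) echo "refusing path outside /etc: '$path'" >&2; exit 1 ;;
  esac
  [ "$read_flag" = true ] || { echo "refusing: read is not true" >&2; exit 1; }
)

# Validates first, then posts the same two form fields the accepted answer uses.
# Credentials come from the environment (hypothetical variable names) and reach
# curl through a config on stdin, so they do not appear in the process list.
grant_anon_read() (
  validate_anon_changelog "$1" || exit 1
  : "${AEM_URL:?set AEM_URL}" "${AEM_USER:?set AEM_USER}" "${AEM_PASS:?set AEM_PASS}"
  printf 'user = "%s:%s"\n' "$AEM_USER" "$AEM_PASS" |
    curl --fail --silent --show-error --config - \
      --form-string "authorizableId=anonymous" \
      --form-string "changelog=$1" \
      "$AEM_URL/.cqactions.html"
)
```

In a Docker build this lets the image fail early on a mistyped changelog instead of posting it to the publisher with admin credentials.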