Expand my Community achievements bar.

SOLVED

\/bin/project to be authenticated on dispatcher

Avatar

Level 2

Hi,

We have servlets with basic authentication available on our author and publish instances. A service user having access to the required content is able to view the response from these servlets and if no Authentication is provided , we get a 401 - Not Authorized response as expected.

 

We want this capability to be available on the dispatcher as well. How can we achieve this?

 

We have both On Prem and AMS instances.

Topics

Topics help categorize Community content and increase your ability to discover relevant content.

1 Accepted Solution

Avatar

Correct answer by
Community Advisor

Hi @sonaliku 

You can try to use basic authentication of Apache based on the path at dispatcher level. Specify the user here and need not depend on aem service user

Check the below blog

 

https://www.albinsblog.com/2015/06/enabling-basic-authentication-for-adobecq5-adobeaem.html#.Yhc9L5N...

 

 

View solution in original post

7 Replies

Avatar

Community Advisor

I think you just need to allow this servlet in your dispatcher configuration. Something like this:

/0108 { /type "allow" /method "POST" /url "/bin/project" }

 



Esteban Bustamante

Avatar

Level 2

@EstebanBustamante  We do not want to to be allowed to all the users but the specifed service user. How can that be achieved with below configuration?

Avatar

Community Advisor

Sorry, I didn't understand your question in the first instance, I assumed you have this functionality already working and you wanted to enable it in the dispatcher as well. 

 

From what I can understand you could do the following:

- Enable the servlet with an authentication method (preferred not basic auth, but OAuth2). This means that everyone with the servlet URL will be able to access but it will have to authenticate to actually see content from this servlet.

- If the user is able to authenticate the servlet, then you just need to use a session using your system users to retrieve whatever content you have in mind[2].

 

[1]. https://medium.com/tech-learnings/how-to-manage-the-protected-aem-resources-through-oauth-2-0-851ce4... 

[2]. https://medium.com/@manumathew28.94/aem-system-users-1b9ab48df19e  

 

Hope this helps



Esteban Bustamante

Avatar

Correct answer by
Community Advisor

Hi @sonaliku 

You can try to use basic authentication of Apache based on the path at dispatcher level. Specify the user here and need not depend on aem service user

Check the below blog

 

https://www.albinsblog.com/2015/06/enabling-basic-authentication-for-adobecq5-adobeaem.html#.Yhc9L5N...

 

 

Avatar

Level 2

Thankyou ! Will try out this approach to see if it works as expected.

Avatar

Administrator

@sonaliku Did you find the suggestions from users helpful? Please let us know if more information is required. Otherwise, please mark the answer as correct for posterity. If you have found out solution yourself, please share it with the community.



Kautuk Sahni