creating a basic authentication for aem service for different non aem server for post call (aem6.5) | Community
Skip to main content
srinivas_chann1
srinivas_chann1
Level 7
September 14, 2021
Solved

creating a basic authentication for aem service for different non aem server for post call (aem6.5)

  • September 14, 2021
  • 3 replies
  • 2214 views

Hi ,

 

Non AEM host server need to upload an image to AEM publish server .

 

AEM is exposing an service say www.abc.com/upload.json   ,when Non AEM host serve hit this service ,in aem it will hit the servlet and we can upload the image.

 

But we would to restrict this based on some particular user . So how to achieve it using basic authentication .

Here we would need to provide userid and password to the non aem server request. How could they send that data to in post request.

 

But in aem how will it be validated if the correct user is accessing it .What is procedure or sample code for it.

 

Also could we  achieve auth  (bearer token) with the above mechanism in AEM

 

Any inputs on this will be helpful.

Thanks

This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.
Best answer by user55521

Depending on AEM version you can use the Assets HTTP API, so no need to recreate your own API. What you'd need to do is create a user on AEM side that is allowed to perform the required CRUD operations in particular DAM path and use these credentials when making the Assets API calls.

 

You should also keep in mind however that large ingestion of assets can lead AEM performance issues, so keep an eye out for performance tuning needs.

3 replies

Fanindra_Surat
Community Advisor
Fanindra_SuratCommunity Advisor
Community Advisor
September 14, 2021

Hi @srinivas_chann1 - 

 

Please refer to 

AEM way of authenticating users using ACLs - https://experienceleaguecommunities.adobe.com/t5/adobe-experience-manager/implementing-authentication-for-servlet-on-publish-instance/td-p/169598

A straight forward way of implementing your own authentication mechanism - https://stackoverflow.com/questions/34918421/implement-authentication-for-servlet-on-publish-instance-cq5-aem

 

Also, just curious as to why you are doing it in Publish instance? Can you not use the AEM Assets API to upload the image to author instance and then publish it via code?

Few advantages in going this route:

You need not implement any custom authentication.

You need not bother about reverse replication and all the publishes will be in sync.

 

Thanks,

Fani

 

    U
    Adobe Champion
    user55521Adobe ChampionAccepted solution
    Adobe Champion
    September 14, 2021

    Depending on AEM version you can use the Assets HTTP API, so no need to recreate your own API. What you'd need to do is create a user on AEM side that is allowed to perform the required CRUD operations in particular DAM path and use these credentials when making the Assets API calls.

     

    You should also keep in mind however that large ingestion of assets can lead AEM performance issues, so keep an eye out for performance tuning needs.

      A
      Community Advisor
      AlbinIs1Community Advisor
      Community Advisor
      September 14, 2021

      If required, even you can use the OAUTH JWT Bearer Token token to achive your use case(default Assets HTTP API with basic authentication), refer to the following URL for more details - https://medium.com/tech-learnings/how-to-manage-the-protected-aem-resources-through-oauth-2-0-851ce4c7a5ef  (JWT Bearer Token— Server to Server integration)

       

      Regards

      Albin I

      www.albinsblog.com

       

        Terms & ConditionsAccessibility statement

        Loading footer...