Expand my Community achievements bar.

Don’t miss the AEM Skill Exchange in SF on Nov 14—hear from industry leaders, learn best practices, and enhance your AEM strategy with practical tips.

Enable basic authentication on AEMAaCS stage dispatcher

Avatar

Level 6

Hi All,

 

I have a requirement to enable basic authentication on stage dispatcher. Idea is to create a sample/test user through which stage dispatcher will be accessible.

I was going through below link

https://experienceleaguecommunities.adobe.com/t5/adobe-experience-manager/how-to-enable-basic-authen...

 

But I am not sure how to run the below commands on cloud

htpasswd -c /etc/httpd/conf.d/htaccess/credential.htpasswd testuser

Is there any other way around I can achieve this on AEM cloud environment?

 

Any help is highly appreciated.

 

Thanks,

Pradeep 

5 Replies

Avatar

Employee Advisor

You can run this command on your local machine and include the resulting file in a dispatcher deployment. Technically it's possible, not sure if the constraints given the by the dispatcher in AEM CS allows you to do that.

 

Why do you want to have that? Keeping the google bot and drive-by-traffic out of your stage env? Or is it a more serious requirement for authentication?

Avatar

Level 6

Yes we need to avoid stage data to go to google search engine that is one of the requirement.

 

Now what I did as per the link above 

 

authentication.conf file has below content

 

## unsets authorization header when sending a request to AEM
 
RequestHeader unset Authorization
 
AuthType Basic
 
AuthBasicProvider file
 
AuthUserFile /home/test-project/dispatcher/conf.d/htaccess/credential.htpasswd
 
AuthName "Authentication Required"
 
Require valid-user
 
And this file is included in v host file without any conditions.
<IfModule disp_apache2.c>
Include /home/test-project/dispatcher/conf.d/htaccess/authentication.conf
# Some items cache with the wrong mime type
# Use this option to use the name to auto-detect mime types when cached improperly
ModMimeUsePathInfo On
# Use this option to avoid cache poisioning
# Sling will return /content/image.jpg as well as /content/image.jpg/ but apache can't search /content/image.jpg/ as a file
# Apache will treat that like a directory.  This assures the last slash is never stored in cache
DirectorySlash Off
# Enable the dispatcher file handler for apache to fetch files from AEM
SetHandler dispatcher-handler
</IfModule>
 
Still site is opening without credential popup.
 

Hi

 

Were you able to get this working by any chance. If yes, can you please share the detailed steps followed.

We have the same requirement to enable login popup for basic authentication in dev environment.

Hi,

 

We have used customer managed CDN feature to have basic auth before site opens. Also we have used other option 'custom header' again at CDN layer. Both these solutions worked in our use case. 

And what is the validity of the token once user enters credentials in login pop-up.

I see that login popup comes for first time and after that for subsequent hits its not coming even in incognito mode.