Expand my Community achievements bar.

SOLVED

How to Disable crx/de in author and publish instances for content-authors.

Avatar

Level 3

Hello All,

Can someone help me how to disable the crx/de to content authors in AEM author and publish instances. I am able to disable from welcome screen (How to limit access to CRX and CRXDE Light )but when author comes and types localhost:4502/crx/de/index.jsp he is able to see the nodes inside it.

I went through helpx docs and i didn't find anything related to it.

Thanks,
Adithya.

1 Accepted Solution

Avatar

Correct answer by
Community Advisor

You can try to implement a filter and if url contains /crx/, based on the user you can redirect users to the same page or AEM home page.

example

aem63app-repo/CustomScreenFilter.java at master · arunpatidar02/aem63app-repo · GitHub



Arun Patidar

View solution in original post

8 Replies

Avatar

Community Advisor

My perspective the direct author IP or host name should not be exposed to content authors

Create a custom domain for authors e.g author-uat.test.com and enable the same in dispatcher with required rules to block the URL's.

Even it will be better to configure the URL with some SSO solutions so that user wont login directly with AEM users.

Regards

Albin I

Avatar

Level 3

albinissac​ Thanks for the solution. But I am looking here if there is anyway to achieve this without custom domain. Just disable the crx/de or even if they login they should just see empty(I.e no nodes).

Thanks,
Adithya.

Avatar

Employee Advisor

Crxde access cannot be managed by ACL's as it is installed as a bundle and its not a node in repository where you can go and add deny/allow access.

You have two options:

- Completely disable the crxde for all users by stopping the crxde bundle(Check [1])

- Keep it enabled and users will be able to see nodes based on their access. Example, If a user does not have read access on /apps, that user will not see the "/apps" directory in crxde.

[1] https://www.aemquickstart.in/2015/11/how-to-disable-crxde-and-crxde-lite.html

Avatar

Level 3

JaideepBrar​ Thanks for the answer.

I would love to choose option one where I can stop the bundle. But for debugging or checking when there is an issue at least I need "Admin" user have access to crx/de which will be very useful and needed.

Avatar

Correct answer by
Community Advisor

You can try to implement a filter and if url contains /crx/, based on the user you can redirect users to the same page or AEM home page.

example

aem63app-repo/CustomScreenFilter.java at master · arunpatidar02/aem63app-repo · GitHub



Arun Patidar

Avatar

Level 4
is there a way to block crx Only for Content-Authors? (by usage of permissions through /useradmin?)

Avatar

Community Advisor

@Shaheena_Sk May be you can have a separate group for content author in usersdmin console and restrict the access to /crx/ path for that group.