Expand my Community achievements bar.

Don’t miss the AEM Skill Exchange in SF on Nov 14—hear from industry leaders, learn best practices, and enhance your AEM strategy with practical tips.

How to enable Basic Authentication for Non-Prod AEM websites? | Support Authenticated Performance Testing with Cloud Manager | AEM Community Blog Seeding

Avatar

Administrator

BlogImage.jpg

How to enable Basic Authentication for Non-Prod AEM websites? | Support Authenticated Performance Te... by Albin Issac

Abstract

Enable Basic Authentication:
Most of the time we will have the use case to enable basic authentication for non-prod AEM websites to avoid non authenticated users accessing the content(another option is through IP whitelisting) also avoiding the non-prod contents getting indexed through google search(another approach to avoid the indexing is through Robots meta tag)
Easy to use generic user name/password for every website so that only the users know those credentials can access the password(if you need more security go with site-specific users or individual users)
In AEM the basic authentication can be enabled quickly through Dispatcher(Apache)
Create a common configuration file for authentication — /conf.d/htaccess/authentication.conf
## unsets authorization header when sending a request to AEM
RequestHeader unset Authorization
AuthType Basic
AuthBasicProvider file
AuthUserFile /etc/httpd/conf.d/htaccess/credential.htpasswd
AuthName “Authentication Required”
Require valid-user
Include this file into the individual Virtual Hosts


Include /etc/httpd/conf.d/htaccess/authentication.conf

The ENV_TYPE can be set as an Environment variable e.g /etc/sysconfig/httpd (for AMS environment the required environment variables will be enabled by default)
ENV_TYPE=’dev’
Create the credential file, execute the below command, you will be prompted to enter the password
htpasswd -c /etc/httpd/conf.d/htaccess/credential.htpasswd testuser
Execute the below command, to add additional users if required
htpasswd /etc/httpd/conf.d/htaccess/credential.htpasswd testuser1
Restart the Apache server, now basic authentication is enabled for the websites.

Read Full Blog

How to enable Basic Authentication for Non-Prod AEM websites? | Support Authenticated Performance Te...

Q&A

Please use this thread to ask the related questions.



Kautuk Sahni
3 Replies

Avatar

Employee Advisor

Hi Kautak,

 

One of my customers followed the same steps on their instance. The deployment gets successful but when they try to open the web-page after asking for username and password, they receive an Error[1], would you be able to help here:

[1]

Tue May 09 02:16:21.074781 2023 [ssl:warn] [pid 1:tid 140143251708744] [cm-p24556-e75237-aem-publish-66f686d98f-sqhdk] AH01873: Init: Session Cache is not configured [hint: SSLSessionCache]
Tue May 09 02:16:21.078458 2023 [mpm_worker:notice] [pid 1:tid 140143251708744] [cm-p24556-e75237-aem-publish-66f686d98f-sqhdk] AH00292: Apache/2.4.57 (Unix) OpenSSL/3.0.8 Communique/4.3.5-20230411 mod_qos/11.71 configured -- resuming normal operations
Tue May 09 02:16:21.078484 2023 [core:notice] [pid 1:tid 140143251708744] [cm-p24556-e75237-aem-publish-66f686d98f-sqhdk] AH00094: Command line: 'httpd -d /etc/httpd -f /etc/httpd/conf/httpd.conf -D FOREGROUND -D ENVIRONMENT_DEV'
Tue May 09 02:16:21.078719 2023 [mpm_worker:warn] [pid 1:tid 140143251708744] [cm-p24556-e75237-aem-publish-66f686d98f-sqhdk] AH00291: long lost child came home! (pid 106)
Tue May 09 02:16:21.078893 2023 [mpm_worker:warn] [pid 1:tid 140143251708744] [cm-p24556-e75237-aem-publish-66f686d98f-sqhdk] AH00291: long lost child came home! (pid 107)
Tue May 09 02:16:33.166220 2023 [ssl:warn] [pid 1:tid 140048583609160] [cm-p24556-e75237-aem-publish-66f686d98f-cr7nr] AH01873: Init: Session Cache is not configured [hint: SSLSessionCache]
Tue May 09 02:16:33.168898 2023 [mpm_worker:notice] [pid 1:tid 140048583609160] [cm-p24556-e75237-aem-publish-66f686d98f-cr7nr] AH00292: Apache/2.4.57 (Unix) OpenSSL/3.0.8 Communique/4.3.5-20230411 mod_qos/11.71 configured -- resuming normal operations
Tue May 09 02:16:33.168932 2023 [core:notice] [pid 1:tid 140048583609160] [cm-p24556-e75237-aem-publish-66f686d98f-cr7nr] AH00094: Command line: 'httpd -d /etc/httpd -f /etc/httpd/conf/httpd.conf -D FOREGROUND -D ENVIRONMENT_DEV'
Tue May 09 02:16:33.169041 2023 [mpm_worker:warn] [pid 1:tid 140048583609160] [cm-p24556-e75237-aem-publish-66f686d98f-cr7nr] AH00291: long lost child came home! (pid 104)
Tue May 09 02:16:33.169211 2023 [mpm_worker:warn] [pid 1:tid 140048583609160] [cm-p24556-e75237-aem-publish-66f686d98f-cr7nr] AH00291: long lost child came home! (pid 105)
Tue May 09 02:30:02.840783 2023 [authn_file:error] [pid 293:tid 140143236307768] [cm-p24556-e75237-aem-publish-66f686d98f-sqhdk] (2)No such file or directory: [client 13.54.132.42:0] AH01620: Could not open password file: /etc/httpd/conf.d/htaccess/_htpasswd

Avatar

Administrator

I have asked the original author of the blog (Albin) to review this. He is on vacation, so please expect some delays. 



Kautuk Sahni

Avatar

Employee Advisor

Hi @ManviSharma ,

 

Can you check with the customer if they have not added some extra "/" or "." in the path? I recently did it for a customer.

Feel free to reach out to me over the slack.

 

BTW, If I look at the screenshot I do not see that 

 

Regards,

Nitesh