Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
Bedrock Mission!

Learn more

View all

Sign in to view all badges

SOLVED

How to make CQ5 working with enabled basic http authentication dispatcher

tnguyenv
Level 2
Level 2

Hi everyone,

I have a problem about the configuration that to make my AEM public instance (version 5.6.1) working properly in enabled basic http authentication (user/password) dispatcher environment. I got other authentication request from Sling after passed http authentication. I was not aware of this and fail to log in with any my AEM account.

Please help advice me.

Thanks

1 Accepted Solution
Jörg_Hoh
Correct answer by
Employee
Employee

Let me try to rephrase your problem:

  • You need to support basic authentication on your webserver/dispatcher.
  • But when you have authenticated yourself and you send an request with basic header to the AEM publish instance, the publish instance promptes you for your credentials (basic auth).

Is that correct?

If that's the case, you are affected by the preemptive authentication approach of Sling. You have 2 choices:

HTH,

Jörg

View solution in original post

0 Replies
Jörg_Hoh
Correct answer by
Employee
Employee

Let me try to rephrase your problem:

  • You need to support basic authentication on your webserver/dispatcher.
  • But when you have authenticated yourself and you send an request with basic header to the AEM publish instance, the publish instance promptes you for your credentials (basic auth).

Is that correct?

If that's the case, you are affected by the preemptive authentication approach of Sling. You have 2 choices:

HTH,

Jörg

View solution in original post

tnguyenv
Level 2
Level 2

Jörg Hoh wrote...

Let me try to rephrase your problem:

  • You need to support basic authentication on your webserver/dispatcher.
  • But when you have authenticated yourself and you send an request with basic header to the AEM publish instance, the publish instance promptes you for your credentials (basic auth).

Is that correct?

If that's the case, you are affected by the preemptive authentication approach of Sling. You have 2 choices:

HTH,

Jörg

 

Thanks Jorg. This is my case. Could you can give me the instructions more details or reference articles regarding this problem?

25793466
Level 2
Level 2

I want to disable basic authentication and ran across this thread.  I know this will break replication, but I'm just curious on how to do it.  It appears that I can set HTTP Basic Authentication on http://localhost:4502/system/console/configMgr/org.apache.sling.engine.impl.auth.SlingAuthenticator to Disabled, but that doesn't seem to work on several AEM 6.2 instances I have tested on.  Replication is still working and I can pass the basic authentication headers to the admin UI and it logs me in.