I want to disable basic authentication and ran across this thread.  I know this will break replication, but I'm just curious on how to do it.  It appears that I can set HTTP Basic Authentication on http://localhost:4502/system/console/configMgr/org.apache.sling.engine.impl.auth.SlingAuthenticator to Disabled, but that doesn't seem to work on several AEM 6.2 instances I have tested on.  Replication is still working and I can pass the basic authentication headers to the admin UI and it logs me in.

Jörg Hoh wrote...

Let me try to rephrase your problem:

• You need to support basic authentication on your webserver/dispatcher.
• But when you have authenticated yourself and you send an request with basic header to the AEM publish instance, the publish instance promptes you for your credentials (basic auth).

Is that correct?

If that's the case, you are affected by the preemptive authentication approach of Sling. You have 2 choices:

• On all AEM Publish instances, reconfigure the HTTP Basic Authentication to "enabled" (http://localhost:4502/system/console/configMgr/org.apache.sling.engine.impl.auth.SlingAuthenticator)
• You configure your dispatcher not to forward the basic auth headers (/headers section in the dispatcher.any)

HTH,

Jörg

 

Thanks Jorg. This is my case. Could you can give me the instructions more details or reference articles regarding this problem?