How to restrict anonymous access /crx/explorer/ui/search.jsp | Community
Skip to main content
J
Johann_Lu
Level 4
November 4, 2024
Solved

How to restrict anonymous access /crx/explorer/ui/search.jsp

  • November 4, 2024
  • 3 replies
  • 2352 views

I tried to add +/crx/explorer/ui/search.jsp in Apache Sling Authentication Service, but it didn't work. How can I restrict anonymous access /crx/explorer/ui/search.jsp?

This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.
Best answer by joerghoh

You cannot with ootb tools. As the CRX Explorer (CRX DE as well!) operates in its own HTTP context, Sling authentication cannot be applied to limit access to specific paths or features of it. When you are authenticated to the repository, you can use all the tools of the CRX Explorer according to the permissions of the underlying repository.

3 replies

PRATHYUSHA_VP
Community Advisor
PRATHYUSHA_VPCommunity Advisor
Community Advisor
November 4, 2024

Hi @johann_lu 

 

Please find the relevant topic below -

 

https://experienceleaguecommunities.adobe.com/t5/adobe-experience-manager/aem-publish-block-access-to-crx/td-p/568597

 

 

    J
    Johann_LuAuthor
    Level 4
    November 4, 2024

    I just want to limit anonymous to access /crx/explorer/ui/search.jsp,  I don't want to stop WebDAV.

    PRATHYUSHA_VP
    Community Advisor
    PRATHYUSHA_VPCommunity Advisor
    Community Advisor
    November 4, 2024

    That you can restrict through user groups, I don't think there's a default config to disable only specific URL.

     

    Check this blog post by @arunpatidar 

    https://aemlab.blogspot.com/2020/04/aem-crxde-restriction.html

     

     

    Hope this helps 

     

    Thanks

      GabrielMircea
      GabrielMircea
      Level 2
      November 5, 2024

      You have two options here:

      1. Update the Apache Sling Authentication Service

      Go to http://localhost:4502/system/console/configMgr

       

      Search for org.apache.sling.auth.core.impl.SlingAuthenticator.

       

      This setting tells the Sling authenticator to require authentication for the specified path.

      In the configuration, you need to add the following property if it doesn't already exist:

      sling.auth.requirements = /crx/explorer/ui/search.jsp

      2. Restrict Access through ACLs

      Use CRXDE Lite (http://localhost:4502/crx/de) to set the permissions.to /home/users or wherever you manage your users/groups. You should ensure that the anonymous user does not have read access to /crx/explorer

        J
        Johann_LuAuthor
        Level 4
        November 5, 2024

        Option 1 is not available, I have already tried it.

        GabrielMircea
        GabrielMircea
        Level 2
        November 6, 2024

        Apologies, the correct URL for configurations is http://localhost:4502/system/console/configMgr

          joerghoh
          Adobe Employee
          joerghohAdobe EmployeeAccepted solution
          Adobe Employee
          November 6, 2024

          You cannot with ootb tools. As the CRX Explorer (CRX DE as well!) operates in its own HTTP context, Sling authentication cannot be applied to limit access to specific paths or features of it. When you are authenticated to the repository, you can use all the tools of the CRX Explorer according to the permissions of the underlying repository.

            Terms & ConditionsAccessibility statement

            Loading footer...