I tried to add +/crx/explorer/ui/search.jsp in Apache Sling Authentication Service, but it didn't work. How can I restrict anonymous access /crx/explorer/ui/search.jsp?
Solved! Go to Solution.
Topics help categorize Community content and increase your ability to discover relevant content.
Views
Replies
Total Likes
You cannot with ootb tools. As the CRX Explorer (CRX DE as well!) operates in its own HTTP context, Sling authentication cannot be applied to limit access to specific paths or features of it. When you are authenticated to the repository, you can use all the tools of the CRX Explorer according to the permissions of the underlying repository.
I just want to limit anonymous to access /crx/explorer/ui/search.jsp, I don't want to stop WebDAV.
Views
Replies
Total Likes
That you can restrict through user groups, I don't think there's a default config to disable only specific URL.
Check this blog post by @arunpatidar
https://aemlab.blogspot.com/2020/04/aem-crxde-restriction.html
Hope this helps
Thanks
Is it a bug? Why can anonymous access /crx/explorer/ui/search.jsp?
You have two options here:
Go to http://localhost:4502/system/console/configMgr
Search for org.apache.sling.auth.core.impl.SlingAuthenticator.
This setting tells the Sling authenticator to require authentication for the specified path.
In the configuration, you need to add the following property if it doesn't already exist:
sling.auth.requirements = /crx/explorer/ui/search.jsp
Use CRXDE Lite (http://localhost:4502/crx/de) to set the permissions.to /home/users or wherever you manage your users/groups. You should ensure that the anonymous user does not have read access to /crx/explorer
Option 1 is not available, I have already tried it.
Views
Replies
Total Likes
Apologies, the correct URL for configurations is http://localhost:4502/system/console/configMgr
I mean this method I have tried it before, it did not work.
Views
Replies
Total Likes
You cannot with ootb tools. As the CRX Explorer (CRX DE as well!) operates in its own HTTP context, Sling authentication cannot be applied to limit access to specific paths or features of it. When you are authenticated to the repository, you can use all the tools of the CRX Explorer according to the permissions of the underlying repository.
Views
Likes
Replies
Views
Like
Replies