Expand my Community achievements bar.

SOLVED

Password protecting staging publisher instance in AEM 6.2

Avatar

Level 3

Hi,

Looking for a simple and effective way to password protect one of our staging publisher instance websites that mirrors content from a production instance under a subdomain. Can this be done through AEM somehow?

 

Thanks

1 Accepted Solution

Avatar

Correct answer by
Level 3
Decided to go with the Apache basic authentication approach as it is the easiest for our specific requirements. Thanks everyone for your help!

View solution in original post

8 Replies

Avatar

Employee Advisor

The simplest approach is to enable basic authentication on the webserver sitting in front of your staging publish instances. Implementing it with AEM requires more work (and you would implement a feature specifically for non-PROD environments ...).

Jörg

Avatar

Level 3

MC Stuff wrote...

Hi Alex,

   Another option is having Authentication Requirements with value of +/  at http://host:port/system/console/configMgr/org.apache.sling.engine.impl.auth.SlingAuthenticator

Thanks,

 

I like the simplicity of this. When I enable this for a path and attempt to go to that path (locally on the instance - not even through dispatcher), it does not give me the login prompt but instead a 403 error along with:

"You don't have permission to access /system/sling/form/login on this server."

How can I enable this for anonymous users to authenticate? 

 

Thank you very much for your help!

-Alex

Avatar

Level 9

AlexRizzuto wrote...

How can I enable this for anonymous users to authenticate? 

 

Sounds like your installation nosamplecontent. Map default login page Or site level at /system/console/configMgr/com.day.cq.auth.impl.LoginSelectorHandler

If you don't have custom login page configure to /libs/granite/core/content/login

Avatar

Level 6

Hi Alex,

Directly try to hit the/libs/granite/core/content/login.html page you will see the login screen after login again it will re-directs to the geometrics page. You have to enter the Url in the browser after the login it will open a specific page. In 6.2 I tried updating the loginselectorhandler with the AEM login page but it didn't work for me. But we can be able to hit the login Url directly in the browser. 

 

Thanks

Avatar

Level 3

If you are looking for generalized authentication, then use apache basic authentication. It works seamlessly. 

<Directory C:/Adobe/Apache2.2/htdocs/mysite.com>
        AuthType Basic
        AuthName "Authenticated"
        AuthUserFile C:/Adobe/Apache2.2/.htpasswd
        Require valid-user
    </Directory>

Avatar

Correct answer by
Level 3
Decided to go with the Apache basic authentication approach as it is the easiest for our specific requirements. Thanks everyone for your help!

Avatar

Level 3

We are looking to do a similar thing - In our httpd.conf we have all the dispatcher stuff and also some basic auth directives.  It is presenting the challenge but this is shown on top of the actual rendered page. How did you set up httpd.conf and where were the relevant directives?

We have tried with Directory and Location and the same happens.

One thing that might be slightly different is that we are trying to test this on a part of the website eg for testing we are trying to put basic auth behind the woman's page on we-retail /content/we-retail/us/en/women

Thanks