Adobe Experience Manager Sites & More

Report · 1/20/16

Hello,

Using: AEM 6.1.0

We are in middle on the developing of our first website. The content and code is transferred correctly to the publish instance.

Trying to render a page on publish, does not work as anonymous, but works as admin. So I guess it is a permissions problem for the user anonymous, who has only (standard) access to /content and /bin.

I could not find any documentation, which permissions to give to the anonymous user except for an article on stack overflow.

Here it was suggested to give him read on everything and let the dispatcher deny any direct access to /apps, /etc and other folders...

This seems like a bad security concept, letting a web server handle the security.

Is this the only possible way to do this?

Kind regards,

Jerry

Report · 1/20/16

Problem solved:

Template from the developers tried to read sth beneath /etc/siteconfig. (some parameters for the website are stored here, like how many news to show, etc...)

"Anonymous" had no access to that /etc/siteconfig.

What I don't understand is:

Why does the system checks if a user has the permission to read that content, that a template needs?

"anonymous" has no rights to read the code from the components, but they still get exectued?!

View solution in original post

Lokesh_Shivalingaiah · 1/20/16

couple of questions.

Are you able to access /content/geometrixx/en.html without login which is the default behaviour of publisher ?

When you say it doesnt render, does it throw 404 or is it partially rendered ?

Premkarthic-7WP · 1/20/16

Did you moved rep:policy node along with your content to publish?

If so, please check for the existence of rep:policy node in publish instandce under your project content path, it might cause the issue.

Report · 1/20/16

bsloki wrote...

couple of questions.

Are you able to access /content/geometrixx/en.html without login which is the default behaviour of publisher ?

When you say it doesnt render, does it throw 404 or is it partially rendered ?

I installed with "nosamplecontent", so there is no geometrixx.
Logged in as admin: renders the page perfectly
Being "anonymous":
java.lang.reflect.InvocationTargetException
RequestURI=/content/conseil_etat/fr/composition0.html
Servlet= /apps/global/components/page/basepage/basepage.jsp

Premkarthic wrote...

Did you moved rep:policy node along with your content to publish?

If so, please check for the existence of rep:policy node in publish instandce under your project content path, it might cause the issue.

If I'm logged in as admin, I can see the rep:policy under /content
If I'm logged out, I can't see any rep:policy ( but I guess this is the correct behaviour)

Premkarthic-7WP · 1/20/16

That is expected behavior.

Did you applied any acl at author and moved the same to publish instance, if so please remove the same from publish and check.

Report · 1/20/16

I never replicated any ACL's. I created new ones for the replication agent, but this should not have impacted the "anonymou" user. I did not change the "everyone" group (picture attached).

Lokesh_Shivalingaiah · 1/20/16

Is this happening for all the pages or any specific page ?

Report · 1/20/16

All the pages

Report · 1/20/16

Problem solved:

Template from the developers tried to read sth beneath /etc/siteconfig. (some parameters for the website are stored here, like how many news to show, etc...)

"Anonymous" had no access to that /etc/siteconfig.

What I don't understand is:

Why does the system checks if a user has the permission to read that content, that a template needs?

"anonymous" has no rights to read the code from the components, but they still get exectued?!

Adobe Experience Manager Sites & More

Permissions on Publish for anonymous

java.lang.reflect.InvocationTargetException

Learn

Documentation

Community

Support

Resources

Adobe account

Adobe