Querying asset in CUG | Community
Skip to main content
Guglielmo_Francesconi
Guglielmo_Francesconi
Level 2
November 19, 2021

Querying asset in CUG

  • November 19, 2021
  • 3 replies
  • 2587 views

Hello,

 

I have the need to retrieve assets through GET calls, only if I'm logged in (reserved assets).

I've tried using the CUG, setting an user as a viewer then, when I've published the folder and also the asset, I try with Postman to access the resource with basic authentication (of course the user that is in the CUG settings of the folder) and I get a resource not found 404 error.

What is the correct process to retrieve those assets with a GET call?

 

Thank you,

 

Guglielmo

 

This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.

3 replies

Guglielmo_Francesconi
Guglielmo_FrancesconiAuthor
Level 2
November 19, 2021

Updating: 

the error is showing only through the dispatcher, as if I call the asset from the 2 publish instances with the correct basic authentication, the CUG configuration is working as expected. Anybody knows if there is a specific CUG configuration for the dispatchers ?

    arunpatidar
    Community Advisor
    arunpatidarCommunity Advisor
    Community Advisor
    November 19, 2021

    Hi,

    Please check https://experienceleague.adobe.com/docs/experience-manager-dispatcher/using/configuring/permissions-cache.html?lang=en to implement dispatcher changes in order to protect asset properly and with caching.

    Arun Patidar
      Guglielmo_Francesconi
      Guglielmo_FrancesconiAuthor
      Level 2
      November 23, 2021

      Ok, i verified that this configuration is working for .html pages but not for assets, which is what I need.

      I've tried also with the filter 

      /0000
        {
        /glob "*"
        /type "allow"
        }
      }

      and it's still not working for assets 

        arunpatidar
        Community Advisor
        arunpatidarCommunity Advisor
        Community Advisor
        November 23, 2021
        /filter { /0000 { /glob "*" /type "deny" } /0001 { /glob "/content/secure/*.html" /type "allow" } /0010 { /glob "/content/dam/secure/*.pdf" /type "allow"} /0012 { /glob "/content/dam/secure/*.doc" /type "allow"} }
        Arun Patidar
          Guglielmo_Francesconi
          Guglielmo_FrancesconiAuthor
          Level 2
          November 25, 2021

          I've managed to resolve the issue:

           

          • The custom authentication servlet was not being called due to a code error inside a custom 404 handler
          • The authentication servlet was not getting the basic authorization information due to "/clientheaders" section of the dispatcher farm not having the "Authorization" header

           

          Thank you @arunpatidar for all the support!

            arunpatidar
            Community Advisor
            arunpatidarCommunity Advisor
            Community Advisor
            November 27, 2021

            I am glad that finally it works for you.

            Arun Patidar
              Terms & ConditionsAccessibility statement

              Loading footer...