Querying asset in CUG | Community
Skip to main content
Guglielmo_Francesconi
Guglielmo_Francesconi
Level 2
November 19, 2021

Querying asset in CUG

  • November 19, 2021
  • 3 replies
  • 2591 views

Hello,

 

I have the need to retrieve assets through GET calls, only if I'm logged in (reserved assets).

I've tried using the CUG, setting an user as a viewer then, when I've published the folder and also the asset, I try with Postman to access the resource with basic authentication (of course the user that is in the CUG settings of the folder) and I get a resource not found 404 error.

What is the correct process to retrieve those assets with a GET call?

 

Thank you,

 

Guglielmo

 

This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.

3 replies

Guglielmo_Francesconi
Guglielmo_FrancesconiAuthor
Level 2
November 19, 2021

Updating: 

the error is showing only through the dispatcher, as if I call the asset from the 2 publish instances with the correct basic authentication, the CUG configuration is working as expected. Anybody knows if there is a specific CUG configuration for the dispatchers ?

    arunpatidar
    Community Advisor
    arunpatidarCommunity Advisor
    Community Advisor
    November 19, 2021

    Hi,

    Please check https://experienceleague.adobe.com/docs/experience-manager-dispatcher/using/configuring/permissions-cache.html?lang=en to implement dispatcher changes in order to protect asset properly and with caching.

    Arun Patidar
      Guglielmo_Francesconi
      Guglielmo_FrancesconiAuthor
      Level 2
      November 23, 2021

      Ok, i verified that this configuration is working for .html pages but not for assets, which is what I need.

      I've tried also with the filter 

      /0000
        {
        /glob "*"
        /type "allow"
        }
      }

      and it's still not working for assets 

        arunpatidar
        Community Advisor
        arunpatidarCommunity Advisor
        Community Advisor
        November 24, 2021

        I've already used this kind of filter and it seems to be working, but only for non-secured folders, which is not so useful in my opinion. 
        These are the cases for the postman calls:

        •  /content/dam/secure has CUG user set:
          • ✅ Publisher without CUG basic auth: not working 
          • ✅ Publisher with CUG basic auth: working
          • ✅ Dispatcher without CUG basic auth: not working (no HEAD servlet auth call)
          • ❌Dispatcher with CUG basic auth: not working (no HEAD servlet auth call)
        • /content/dam/secure has no CUG user set:
          • ✅ Publisher without CUG basic auth: working
          • ✅ Publisher with CUG basic auth: working
          • ✅ Dispatcher without CUG basic auth: working (HEAD servlet auth call)
          • ✅ Dispatcher with CUG basic auth: working (HEAD servlet auth call)

        Hi,

        For assets, if you applied cug, it will only applied for the immediate child asset.
        Could you try to add cug to asset and check, if you are getting head request or not.

        Ideally it should work.

        we are also using this feature to protect page as well asset.

        Arun Patidar
          Guglielmo_Francesconi
          Guglielmo_FrancesconiAuthor
          Level 2
          November 25, 2021

          I've managed to resolve the issue:

           

          • The custom authentication servlet was not being called due to a code error inside a custom 404 handler
          • The authentication servlet was not getting the basic authorization information due to "/clientheaders" section of the dispatcher farm not having the "Authorization" header

           

          Thank you @arunpatidar for all the support!

            arunpatidar
            Community Advisor
            arunpatidarCommunity Advisor
            Community Advisor
            November 27, 2021

            I am glad that finally it works for you.

            Arun Patidar
              Terms & ConditionsAccessibility statement

              Loading footer...