Expand my Community achievements bar.

Join us in celebrating the outstanding achievement of our AEM Community Member of the Year!
SOLVED

Regex for common files exclusion from auth in a Exclusion-list in SlingAuthenticator

Avatar

Level 1

Functionality : Sharing a link for asset for the user to download the asset. But since there is SlingAuthenticator infront of the files [js and css], the assets are not getting rendered with the styles. So i am trying to add files in /libs/clientlibs and /libs/dam, but adding every single file to exclusion list needs every single file in the exclusion list. But I want a regex like wildcard for those folders to allow all those files. But adding the rule "-/libs/clientlibs/*" is not excluding the file from auth. What is the best possible solution for me. Please help me.

1 Accepted Solution

Avatar

Correct answer by
Level 9

The values set on the Authentication Requirements configuration property or the sling.auth.requirements service registration property can be absolute paths or URLs like the path service registration property of AuthenticationHandler services. This allows the limitation of this setup to certain requests by scheme and/or virtual host address. The requests path (HttpServletRequest.getServletPath() + HttpServletRequest.getPathInfo()) is afterwards matched against the given paths. It matches if it starts with one of the given paths. Examples The LoginServlet contained in the Sling Auth Core bundle registers itself with the service registration property sling.auth.requirements = "-/system/sling/login" to ensure the servlet can be accessed without requiring authentication (checks for slash or dot or end of string). The following request urls would work then without authentication: /system/sling/login /system/sling/login.html /system/sling/login/somesuffix While the following request will still require authentication * /system/sling/login-test An authentication handler may register itself with the service registration property sling.auth.requirements = "-/apps/sample/loginform" to ensure the login form can be rendered without requiring authentication.

View solution in original post

2 Replies

Avatar

Correct answer by
Level 9

The values set on the Authentication Requirements configuration property or the sling.auth.requirements service registration property can be absolute paths or URLs like the path service registration property of AuthenticationHandler services. This allows the limitation of this setup to certain requests by scheme and/or virtual host address. The requests path (HttpServletRequest.getServletPath() + HttpServletRequest.getPathInfo()) is afterwards matched against the given paths. It matches if it starts with one of the given paths. Examples The LoginServlet contained in the Sling Auth Core bundle registers itself with the service registration property sling.auth.requirements = "-/system/sling/login" to ensure the servlet can be accessed without requiring authentication (checks for slash or dot or end of string). The following request urls would work then without authentication: /system/sling/login /system/sling/login.html /system/sling/login/somesuffix While the following request will still require authentication * /system/sling/login-test An authentication handler may register itself with the service registration property sling.auth.requirements = "-/apps/sample/loginform" to ensure the login form can be rendered without requiring authentication.

Avatar

Level 1

This helps me understand how the exclusion list works.