Regex for common files exclusion from auth in a Exclusion-list in SlingAuthenticator | Adobe Higher Education
Skip to main content
venkatam2558418
venkatam2558418
February 6, 2018
해결됨

Regex for common files exclusion from auth in a Exclusion-list in SlingAuthenticator

  • February 6, 2018
  • 2 답변들
  • 1546 조회

Functionality : Sharing a link for asset for the user to download the asset. But since there is SlingAuthenticator infront of the files [js and css], the assets are not getting rendered with the styles. So i am trying to add files in /libs/clientlibs and /libs/dam, but adding every single file to exclusion list needs every single file in the exclusion list. But I want a regex like wildcard for those folders to allow all those files. But adding the rule "-/libs/clientlibs/*" is not excluding the file from auth. What is the best possible solution for me. Please help me.

이 주제는 답변이 닫혔습니다.
최고의 답변: Hemant_arora

The values set on the Authentication Requirements configuration property or the sling.auth.requirements service registration property can be absolute paths or URLs like the path service registration property of AuthenticationHandler services. This allows the limitation of this setup to certain requests by scheme and/or virtual host address. The requests path (HttpServletRequest.getServletPath() + HttpServletRequest.getPathInfo()) is afterwards matched against the given paths. It matches if it starts with one of the given paths. Examples The LoginServlet contained in the Sling Auth Core bundle registers itself with the service registration property sling.auth.requirements = "-/system/sling/login" to ensure the servlet can be accessed without requiring authentication (checks for slash or dot or end of string). The following request urls would work then without authentication: /system/sling/login /system/sling/login.html /system/sling/login/somesuffix While the following request will still require authentication * /system/sling/login-test An authentication handler may register itself with the service registration property sling.auth.requirements = "-/apps/sample/loginform" to ensure the login form can be rendered without requiring authentication.

2 답변

Hemant_arora
Hemant_arora답변
Level 8
February 6, 2018

The values set on the Authentication Requirements configuration property or the sling.auth.requirements service registration property can be absolute paths or URLs like the path service registration property of AuthenticationHandler services. This allows the limitation of this setup to certain requests by scheme and/or virtual host address. The requests path (HttpServletRequest.getServletPath() + HttpServletRequest.getPathInfo()) is afterwards matched against the given paths. It matches if it starts with one of the given paths. Examples The LoginServlet contained in the Sling Auth Core bundle registers itself with the service registration property sling.auth.requirements = "-/system/sling/login" to ensure the servlet can be accessed without requiring authentication (checks for slash or dot or end of string). The following request urls would work then without authentication: /system/sling/login /system/sling/login.html /system/sling/login/somesuffix While the following request will still require authentication * /system/sling/login-test An authentication handler may register itself with the service registration property sling.auth.requirements = "-/apps/sample/loginform" to ensure the login form can be rendered without requiring authentication.

    venkatam2558418
    venkatam2558418작성자
    February 6, 2018

    This helps me understand how the exclusion list works.

    약관 및 조건Accessibility statement

    Loading footer...