Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
Bedrock Mission!

Learn more

View all

Sign in to view all badges

SOLVED

Remove editor screen from publish instance

tirthtimaniya
Level 2
Level 2

Hello All,

I have created one site and published it into the publish server.

but if i give editor.html the URL I can edit the page..

So how can I remove or restrict a user to edit page or template in publish instance.

Thank you

1 Accepted Solution
Jörg_Hoh
Correct answer by
Employee
Employee

That is still possible, but unless if you are logged in, you cannot edit the page.

If you follow the AEM security checklist, it lists some URLs which should be blocked on the dispatcher level to prevent exactly this usecase.

View solution in original post

0 Replies
Prince_Shivhare
Community Advisor
Community Advisor

Can you first check if your server is running in publish instance or not?

you can check it under

system/console then click on status and Sling settings.

check the Run modes there. if it is an author or publisher.

~ Prince

tirthtimaniya
Level 2
Level 2

Hello Prince,

Thank you for response I have checked and it looks like

Apache Sling Settings

Sling ID = f3541358-985d-403e-91e3-031107636d30

Sling Name = Instance f3541358-985d-403e-91e3-031107636d30

Sling Description = Instance with id f3541358-985d-403e-91e3-031107636d30 and run modes [s7connect, crx3, samplecontent, publish, crx3tar]

Sling Home = D:\projects\AEM Demo Site\publish-server\crx-quickstart

Sling Home URL = file:/D:/projects/AEM%20Demo%20Site/publish-server/crx-quickstart/

Run Modes = [s7connect, crx3, samplecontent, publish, crx3tar]

AEM Instance in publish mode.

What other configuration require ?

Gaurav-Behl
Community Advisor
Community Advisor

I'm able to reproduce this behavior in 6.4.3 but I'm not sure if it is expected or a bug.

http://localhost:4503/editor.html/content/we-retail/us/en.html displays the "Edit" mode but doesn't load the Editor layer on page and each component hence the components are not editable irrespective of authenticated vs unauthenticated users on publish server.

tirthtimaniya
Level 2
Level 2

Yes gauravb41175071

I have also gone through the WE-Retail Site

yes  you are right

we-retail site content is not editable at publish instance.

So do you have any idea how can we hide editor console from publish instance?

Prince_Shivhare
Community Advisor
Community Advisor

Can you please check in configMgr. WCM filter. what is the value there?

disabled or edit ?

mr_chawla
Level 2
Level 2

Hi tirthtimaniya

If you are on publisher make sure that /system/console/configMgr/com.day.cq.wcm.core.WCMRequestFilter is in "Disabled" mode.

Regards,

Sumeet

Jörg_Hoh
Correct answer by
Employee
Employee

That is still possible, but unless if you are logged in, you cannot edit the page.

If you follow the AEM security checklist, it lists some URLs which should be blocked on the dispatcher level to prevent exactly this usecase.

tirthtimaniya
Level 2
Level 2

sumeetc5738183​ Thank you  brother. I saw it is in disable mode but what if I want to delete that?

Right now if I go to editor.html it will not allow me to edit content just like we-retail site but what If I want to disable or remove it?

as far as I get to know that if I am not logged in into CRX I wont be able to hit editor.html URL.

Anyways thank you for the response