Remove editor screen from publish instance

Avatar

Avatar

tirthtimaniya

Avatar

tirthtimaniya

tirthtimaniya

08-03-2019

Hello All,

I have created one site and published it into the publish server.

but if i give editor.html the URL I can edit the page..

So how can I remove or restrict a user to edit page or template in publish instance.

Thank you

Accepted Solutions (1)

Accepted Solutions (1)

Avatar

Avatar

Jörg_Hoh

Employee

Total Posts

3.0K

Likes

910

Correct Answer

1.0K

Avatar

Jörg_Hoh

Employee

Total Posts

3.0K

Likes

910

Correct Answer

1.0K
Jörg_Hoh
Employee

11-03-2019

That is still possible, but unless if you are logged in, you cannot edit the page.

If you follow the AEM security checklist, it lists some URLs which should be blocked on the dispatcher level to prevent exactly this usecase.

Answers (7)

Answers (7)

Avatar

Avatar

mr_chawla

Avatar

mr_chawla

mr_chawla

11-03-2019

Hi tirthtimaniya

If you are on publisher make sure that /system/console/configMgr/com.day.cq.wcm.core.WCMRequestFilter is in "Disabled" mode.

Regards,

Sumeet

Avatar

Avatar

tirthtimaniya

Avatar

tirthtimaniya

tirthtimaniya

11-03-2019

sumeetc5738183​ Thank you  brother. I saw it is in disable mode but what if I want to delete that?

Right now if I go to editor.html it will not allow me to edit content just like we-retail site but what If I want to disable or remove it?

as far as I get to know that if I am not logged in into CRX I wont be able to hit editor.html URL.

Anyways thank you for the response

Avatar

Avatar

Prince_Shivhare

Avatar

Prince_Shivhare

Prince_Shivhare

11-03-2019

Can you please check in configMgr. WCM filter. what is the value there?

disabled or edit ?

Avatar

Avatar

tirthtimaniya

Avatar

tirthtimaniya

tirthtimaniya

10-03-2019

Yes gauravb41175071

I have also gone through the WE-Retail Site

yes  you are right

we-retail site content is not editable at publish instance.

So do you have any idea how can we hide editor console from publish instance?

Avatar

Avatar

Gaurav-Behl

MVP

Total Posts

1.1K

Likes

226

Correct Answer

281

Avatar

Gaurav-Behl

MVP

Total Posts

1.1K

Likes

226

Correct Answer

281
Gaurav-Behl
MVP

08-03-2019

I'm able to reproduce this behavior in 6.4.3 but I'm not sure if it is expected or a bug.

http://localhost:4503/editor.html/content/we-retail/us/en.html displays the "Edit" mode but doesn't load the Editor layer on page and each component hence the components are not editable irrespective of authenticated vs unauthenticated users on publish server.

Avatar

Avatar

tirthtimaniya

Avatar

tirthtimaniya

tirthtimaniya

08-03-2019

Hello Prince,

Thank you for response I have checked and it looks like

Apache Sling Settings

Sling ID = f3541358-985d-403e-91e3-031107636d30

Sling Name = Instance f3541358-985d-403e-91e3-031107636d30

Sling Description = Instance with id f3541358-985d-403e-91e3-031107636d30 and run modes [s7connect, crx3, samplecontent, publish, crx3tar]

Sling Home = D:\projects\AEM Demo Site\publish-server\crx-quickstart

Sling Home URL = file:/D:/projects/AEM%20Demo%20Site/publish-server/crx-quickstart/

Run Modes = [s7connect, crx3, samplecontent, publish, crx3tar]

AEM Instance in publish mode.

What other configuration require ?

Avatar

Avatar

Prince_Shivhare

Avatar

Prince_Shivhare

Prince_Shivhare

08-03-2019

Can you first check if your server is running in publish instance or not?

you can check it under

system/console then click on status and Sling settings.

check the Run modes there. if it is an author or publisher.

~ Prince