Expand my Community achievements bar.

SOLVED

Restrict AEM DAM folder on publisher to unauthorized users

Avatar

Level 4

We'd like to restrict an AEM DAM folder on our publisher instance to prevent users not logged-in from getting access to content. We've set up allow access for the logged in roles and deny for the anonymous role. However we get the following error message on the publisher after making the changes: 01.02.2024 13:11:45.124 *INFO* [qtp853971411-3345] org.apache.sling.auth.core.impl.SlingAuthenticator handleLoginFailure: Unable to authenticate anonymous user: Not a user anonymous

 

Code in YAML (AC Tool)

    - anonymous:

        - path: /content/dam/locked-content/
          permission: deny
          privileges: jcr:all

 

1 Accepted Solution

Avatar

Correct answer by
Community Advisor
5 Replies

Avatar

Community Advisor

@stiegjo22 You can apply a closed user group on your DAM folder that lets only users from that group access the asset folder.

 

https://medium.com/tech-learnings/adobe-experience-manager-enable-gated-content-in-aem-9113702e762c

 

 

Avatar

Level 4

Yes - we considered that option but our content authors did not want to make this type of update. They said it hasn't worked well in the past for managing permissions so we're trying to control them in the ACL. Thanks.

Avatar

Community Advisor

@stiegjo22  In that case, you may want to setup a filter that intercepts this request and then you can use any attribute (session variable , cookies etc) to validate whether the user is logged in or not and based on that you can either let the request pass and move forward. if the user is not logged in, you can simply return a response from the filter with appropriate response message. 

 

Just ensure that your filter is tied to this asset folder path only.

Avatar

Level 4

That sounds like a great suggestion. Do you have any examples that I can review? Thanks.

Avatar

Correct answer by
Community Advisor