We'd like to restrict an AEM DAM folder on our publisher instance to prevent users not logged-in from getting access to content. We've set up allow access for the logged in roles and deny for the anonymous role. However we get the following error message on the publisher after making the changes: 01.02.2024 13:11:45.124 *INFO* [qtp853971411-3345] org.apache.sling.auth.core.impl.SlingAuthenticator handleLoginFailure: Unable to authenticate anonymous user: Not a user anonymous
Code in YAML (AC Tool)
- anonymous:
- path: /content/dam/locked-content/
permission: deny
privileges: jcr:all
Solved! Go to Solution.
Views
Replies
Total Likes
@stiegjo22 You can apply a closed user group on your DAM folder that lets only users from that group access the asset folder.
https://medium.com/tech-learnings/adobe-experience-manager-enable-gated-content-in-aem-9113702e762c
Yes - we considered that option but our content authors did not want to make this type of update. They said it hasn't worked well in the past for managing permissions so we're trying to control them in the ACL. Thanks.
@stiegjo22 In that case, you may want to setup a filter that intercepts this request and then you can use any attribute (session variable , cookies etc) to validate whether the user is logged in or not and based on that you can either let the request pass and move forward. if the user is not logged in, you can simply return a response from the filter with appropriate response message.
Just ensure that your filter is tied to this asset folder path only.
That sounds like a great suggestion. Do you have any examples that I can review? Thanks.
Views
Likes
Replies