Expand my Community achievements bar.

Radically easy to access on brand approved content for distribution and omnichannel performant delivery. AEM Assets Content Hub and Dynamic Media with OpenAPI capabilities is now GA.
SOLVED

Securing servlet

Avatar

Level 6

I have a servlet that provides page content in needed JSON format. This JSON will be used by a third party and I need to provide a security level check to this. How can I provide a token authentication in servlet or in ant service/wrapper before servlet to provide a layer of security. 

This cannot be done by AEM ACL because the requirement is to do it via code using token authentication.

How can this be achieved?

 

1 Accepted Solution

Avatar

Correct answer by
Community Advisor

Hi,
Yes you need it but not in AEM. you can set it up at apache

https://www.cloudsavvyit.com/1361/how-to-setup-basic-http-authentication-on-apache/

 



Arun Patidar

View solution in original post

3 Replies

Avatar

Community Advisor

The alternative could be the basic auth, which can be setup easily at apache level. If that suits your requirement?

 

For token I am no sure if you can validate the token from AEM and consumer from the identity provider.



Arun Patidar

Avatar

Level 6

so for basic auth, do i need to create userID and password in aem useradmin?

Avatar

Correct answer by
Community Advisor

Hi,
Yes you need it but not in AEM. you can set it up at apache

https://www.cloudsavvyit.com/1361/how-to-setup-basic-http-authentication-on-apache/

 



Arun Patidar