Unsecured Page or anonymous page access

Avatar

Avatar

suresh_kumar_ve

Avatar

suresh_kumar_ve

suresh_kumar_ve

15-10-2015

Hi All, I am working on AEM 5.6.1 and trying to grant anonymous/unsecured(access the page without logging in) page access in author instance. 

Had granted read permission to the test page as shown in the attachment[img]access.jpg[/img]

Please suggest what is that I need to modify to get this accessed by anonymous users without logging into the CQ author instance.

Thanks.

-Suresh Kumar.

Accepted Solutions (1)

Accepted Solutions (1)

Avatar

Avatar

Sham_HC

Total Posts

2.1K

Likes

158

Correct Reply

1.2K

Avatar

Sham_HC

Total Posts

2.1K

Likes

158

Correct Reply

1.2K
Sham_HC

15-10-2015

What is your usecase? Seems something not correct to have everyone access for few pages at author instance. 

However along with permission You need to select "Allow Anonymous Access" at http://localhost:4502/system/console/configMgr/org.apache.sling.engine.impl.auth.SlingAuthenticator

Answers (6)

Answers (6)

Avatar

Avatar

anupamp17770278

Avatar

anupamp17770278

anupamp17770278

28-03-2019

I was able to apply the anonymous access to a single page, but the clientlibs are not loading/blocked, not even the OOTB ones e.g. /etc/clientlibs/foundation/personalization/kernal due to the anonymous access, I suppose these urls(clientlibs) also need anonymous access, there are at-least 15 of them blocked. I provided the access to each which is a tiring job, and could still not achieve the access properly as it asked to login when I added  /etc/clientlibs/foundation/personalization/kernal, any way I can achieve this?

Avatar

Avatar

suresh_kumar_ve

Avatar

suresh_kumar_ve

suresh_kumar_ve

15-10-2015

Sham, I tried configuring vanity URL with "/health/heartbeat" but it does not work but it works if it is just one word ex: heartbeat

and from Forum I saw it is a known issue with Vanity URL having restrictions and so went ahead with sling:internalRedirect.

Avatar

Avatar

Sham_HC

Total Posts

2.1K

Likes

158

Correct Reply

1.2K

Avatar

Sham_HC

Total Posts

2.1K

Likes

158

Correct Reply

1.2K
Sham_HC

15-10-2015

Configure vanity url with /health/heartbeat

Avatar

Avatar

suresh_kumar_ve

Avatar

suresh_kumar_ve

suresh_kumar_ve

15-10-2015

Thanks Sham, agreed with your response.

But, in my case the client needs the url strictly to be

http://[host]:8080/health/heartbeat

- which does not contain any /content,

- should run on specified port by their standard

- no extension 

- anonymously accessible

So, I had to create sling match for this url and anonymously accessible as you briefed.

Please clarify, is there any security threat if I have enabled anonymous read access to few required pages in our environments ?

Thanks.

Suresh.

Avatar

Avatar

Sham_HC

Total Posts

2.1K

Likes

158

Correct Reply

1.2K

Avatar

Sham_HC

Total Posts

2.1K

Likes

158

Correct Reply

1.2K
Sham_HC

15-10-2015

For use case You can use existing page [1] for it depending on aem version.

[1]  http://<host>:<port>/libs/cq/core/content/login.html

http://<host>:<port>//libs/granite/core/content/login.html

Avatar

Avatar

suresh_kumar_ve

Avatar

suresh_kumar_ve

suresh_kumar_ve

15-10-2015

fantastic !! Thanks Sham, it worked fine and also I have narrowed the read permission only to the test page, removing read access for content also and still it works fine.

UseCase: We have healthcheck impl for which we need the script to access an static AEM page anonymously to check if the system is up and running fine(heartbeat).