I was able to apply the anonymous access to a single page, but the clientlibs are not loading/blocked, not even the OOTB ones e.g. /etc/clientlibs/foundation/personalization/kernal due to the anonymous access, I suppose these urls(clientlibs) also need anonymous access, there are at-least 15 of them blocked. I provided the access to each which is a tiring job, and could still not achieve the access properly as it asked to login when I added  /etc/clientlibs/foundation/personalization/kernal, any way I can achieve this?

Sham, I tried configuring vanity URL with "/health/heartbeat" but it does not work but it works if it is just one word ex: heartbeat

and from Forum I saw it is a known issue with Vanity URL having restrictions and so went ahead with sling:internalRedirect.

Configure vanity url with /health/heartbeat

Thanks Sham, agreed with your response.

But, in my case the client needs the url strictly to be

http://[host]:8080/health/heartbeat

- which does not contain any /content,

- should run on specified port by their standard

- no extension 

- anonymously accessible

So, I had to create sling match for this url and anonymously accessible as you briefed.

Please clarify, is there any security threat if I have enabled anonymous read access to few required pages in our environments ?

Thanks.

Suresh.

For use case You can use existing page [1] for it depending on aem version.

[1]  http://<host>:<port>/libs/cq/core/content/login.html

http://<host>:<port>//libs/granite/core/content/login.html

fantastic !! Thanks Sham, it worked fine and also I have narrowed the read permission only to the test page, removing read access for content also and still it works fine.

UseCase: We have healthcheck impl for which we need the script to access an static AEM page anonymously to check if the system is up and running fine(heartbeat).