A

Anonymous

Solved

Permissions on Publish for anonymous

Forum|Forum|10 years ago
January 20, 2016
8 replies
6600 views

Hello,

Using: AEM 6.1.0

We are in middle on the developing of our first website. The content and code is transferred correctly to the publish instance.

Trying to render a page on publish, does not work as anonymous, but works as admin. So I guess it is a permissions problem for the user anonymous, who has only (standard) access to /content and /bin.

I could not find any documentation, which permissions to give to the anonymous user except for an article on stack overflow.

Here it was suggested to give him read on everything and let the dispatcher deny any direct access to /apps, /etc and other folders...

This seems like a bad security concept, letting a web server handle the security.

Is this the only possible way to do this?

Kind regards,

Jerry

This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.

Best answer by

Problem solved:

Template from the developers tried to read sth beneath /etc/siteconfig. (some parameters for the website are stored here, like how many news to show, etc...)

"Anonymous" had no access to that /etc/siteconfig.

What I don't understand is:

Why does the system checks if a user has the permission to read that content, that a template needs?

"anonymous" has no rights to read the code from the components, but they still get exectued?!

A

Anonymous

Accepted solution

Problem solved:

Template from the developers tried to read sth beneath /etc/siteconfig. (some parameters for the website are stored here, like how many news to show, etc...)

"Anonymous" had no access to that /etc/siteconfig.

What I don't understand is:

Why does the system checks if a user has the permission to read that content, that a template needs?

"anonymous" has no rights to read the code from the components, but they still get exectued?!

A

Anonymous

All the pages

Lokesh_Shivalingaiah

New Participant

Is this happening for all the pages or any specific page ?

A

Anonymous

I never replicated any ACL's. I created new ones for the replication agent, but this should not have impacted the "anonymou" user. I did not change the "everyone" group (picture attached).

Premkarthic-7WP

New Participant

That is expected behavior.

Did you applied any acl at author and moved the same to publish instance, if so please remove the same from publish and check.

A

Anonymous

bsloki wrote...

couple of questions.

Are you able to access /content/geometrixx/en.html without login which is the default behaviour of publisher ?

When you say it doesnt render, does it throw 404 or is it partially rendered ?

I installed with "nosamplecontent", so there is no geometrixx.
Logged in as admin: renders the page perfectly
Being "anonymous":
java.lang.reflect.InvocationTargetException
RequestURI=/content/conseil_etat/fr/composition0.html
Servlet= /apps/global/components/page/basepage/basepage.jsp

Premkarthic wrote...

Did you moved rep:policy node along with your content to publish?

If so, please check for the existence of rep:policy node in publish instandce under your project content path, it might cause the issue.

If I'm logged in as admin, I can see the rep:policy under /content
If I'm logged out, I can't see any rep:policy ( but I guess this is the correct behaviour)

Premkarthic-7WP

New Participant

Did you moved rep:policy node along with your content to publish?

If so, please check for the existence of rep:policy node in publish instandce under your project content path, it might cause the issue.

Lokesh_Shivalingaiah

New Participant

couple of questions.

Are you able to access /content/geometrixx/en.html without login which is the default behaviour of publisher ?

When you say it doesnt render, does it throw 404 or is it partially rendered ?

java.lang.reflect.InvocationTargetException

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded