AEM 6.5 | Author | Exclude a url from authentication requirement

Exclude the servlet path in “Apache Sling Authentication Service

AEM runmode : author

Navigate to http://localhost:4502/system/console/configMgr and add servlet path to “Authentication Requirements” field , starting with “-“.

As per “Authentication Requirements” field description :
” Defines URL space subtrees which require or don’t require authentication. For any request the best matching path configured applies and defines whether authentication is actually required for the request or not. Each entry in this list can be an absolute path (such as /content) or and absolute URI (such as http://thehost/content). Optionally each entry may be prefixed by a plus (+) or minus (-) sign indicating that authentication is required (plus) or not required (minus). Example entries are “/content” or “+/content” to require authentication at and below “/content” and “-/system/sling/login” to not require authentication at and below “/system/sling/login”. By default this list is empty. This list is extended at run time with additional entries: One entry is added for the “Allow Anonymous Access” configuration. Other entries are added for any services setting the “sling.auth.requirements” service registration property. (sling.auth.requirements)”

In case path to be accessed is a custom code servlet, the other way is to use below property attributes in servlet :
Property(name = “sling.auth.requirements”, value = “-{pathtoservlet}”) 
as suggested here
https://experienceleaguecommunities.adobe.com/t5/adobe-experience-manager/aem-author-instance-exclude-servlet-from-authentication/qaq-p/164130#M586

Leave a Reply