Open in app

Sign in

Write

Sign in

Basic Authentication in AEMaaCS CDN

Kinjal P Darji
2 min readOct 1, 2024

--

I’ll provide steps to use basic authentication in AEMaaCS environment using CDN configuration here.

Below is the sample file.

kind: "CDN"
version: "1"
metadata:
  envTypes: ["dev"]
data:
  authentication:
    authenticators:
       - name: my-basic-authenticator
         type: basic
         credentials:
           - user: myuser
             password: ${{CDN_AUTH_PASSWORD_FOR_MYUSER}}
    rules:
       - name: basic-auth-rule
         when: { reqProperty: path, like: /content/mytechblog/us/en* }
                
         action:
           type: authenticate
           authenticator: my-basic-authenticator

Here the envTypes define the type of environments where the configuration should be applied for example dev, stage, prod.

Credentials can be multiple entries with usernames and passwords. Password has to be configured in the environment variable as secret which applies to All.

Rule name should be basic-auth-rule .

reqProperty can have different values like clientIp, domain, method, tier etc. Find complete list here — https://experienceleague.adobe.com/en/docs/experience-manager-cloud-service/content/security/traffic-filter-rules-including-waf#condition-structure

Multiple when conditions can be combined using allOf or anyOf which are self explanatory. For example

      when:
        allOf:
          - reqProperty: tier
            matches: "author|publish"
          - reqProperty: path
            equals: '/block/me'

In action section, the authenticator has to be same as the name of authenticator that is declared in authenticators section — name: my-basic-authenticator.

This file should be placed inside <project dir>/config/dev/cdn.yaml there are other different ways of placing yaml files for CDN configuration as well. Those can be found at — https://experienceleague.adobe.com/en/docs/experience-manager-cloud-service/content/operations/config-pipeline#folder-structure

In order to deploy this code, a config pipeline for the intended environment should be created in cloud manager. The pipeline can be created as detailed out in this blog — https://www.albinsblog.com/2024/05/a-deep-dive-into-cdn-capabilities-within-aem-as-a-cloud.html or in this page — https://experienceleague.adobe.com/en/docs/experience-manager-cloud-service/content/operations/config-pipeline

The only thing to remember is to configure source code path as /config in the pipeline.

Photo Curtsey : https://experienceleague.adobe.com/en/docs/experience-manager-cloud-service/content/implementing/content-delivery/cdn-credentials-authentication#basic-auth

References :

https://experienceleague.adobe.com/en/docs/experience-manager-cloud-service/content/operations/config-pipeline

https://experienceleague.adobe.com/en/docs/experience-manager-cloud-service/content/security/traffic-filter-rules-including-waf

https://experienceleague.adobe.com/en/docs/experience-manager-cloud-service/content/implementing/content-delivery/cdn-credentials-authentication#basic-auth

Sign up to discover human stories that deepen your understanding of the world.

Free

Distraction-free reading. No ads.

Organize your knowledge with lists and highlights.

Tell your story. Find your audience.

Membership

Read member-only stories

Support writers you read most

Earn money for your writing

Listen to audio narrations

Read offline with the Medium app

Aemasacloudservice
New Feature Releases
Aem Developer
Aem Architect

--

--

Kinjal P Darji
Kinjal P Darji

Written by Kinjal P Darji

145 Followers
34 Following

Hi, I'm an AEM Architect and AWS Certified Developer. Passionate about scalable solutions, I’m now diving into the exciting world of AI/ML.

No responses yet

What are your thoughts?

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams