Open in app

Sign in

Write

Sign in

Basic Authentication in AEMaaCS CDN

Kinjal P Darji
2 min readOct 1, 2024

I’ll provide steps to use basic authentication in AEMaaCS environment using CDN configuration here.

Below is the sample file.

kind: "CDN"
version: "1"
metadata:
  envTypes: ["dev"]
data:
  authentication:
    authenticators:
       - name: my-basic-authenticator
         type: basic
         credentials:
           - user: myuser
             password: ${{CDN_AUTH_PASSWORD_FOR_MYUSER}}
    rules:
       - name: basic-auth-rule
         when: { reqProperty: path, like: /content/mytechblog/us/en* }
                
         action:
           type: authenticate
           authenticator: my-basic-authenticator

Here the envTypes define the type of environments where the configuration should be applied for example dev, stage, prod.

Credentials can be multiple entries with usernames and passwords. Password has to be configured in the environment variable as secret which applies to All.

Rule name should be basic-auth-rule .

reqProperty can have different values like clientIp, domain, method, tier etc. Find complete list here — https://experienceleague.adobe.com/en/docs/experience-manager-cloud-service/content/security/traffic-filter-rules-including-waf#condition-structure

Multiple when conditions can be combined using allOf or anyOf which are self explanatory. For example

      when:
        allOf:
          - reqProperty: tier
            matches: "author|publish"
          - reqProperty: path
            equals: '/block/me'

In action section, the authenticator has to be same as the name of authenticator that is declared in authenticators section — name: my-basic-authenticator.

This file should be placed inside <project dir>/config/dev/cdn.yaml there are other different ways of placing yaml files for CDN configuration as well. Those can be found at — https://experienceleague.adobe.com/en/docs/experience-manager-cloud-service/content/operations/config-pipeline#folder-structure

In order to deploy this code, a config pipeline for the intended environment should be created in cloud manager. The pipeline can be created as detailed out in this blog — https://www.albinsblog.com/2024/05/a-deep-dive-into-cdn-capabilities-within-aem-as-a-cloud.html or in this page — https://experienceleague.adobe.com/en/docs/experience-manager-cloud-service/content/operations/config-pipeline

The only thing to remember is to configure source code path as /config in the pipeline.

Photo Curtsey : https://experienceleague.adobe.com/en/docs/experience-manager-cloud-service/content/implementing/content-delivery/cdn-credentials-authentication#basic-auth

References :

https://experienceleague.adobe.com/en/docs/experience-manager-cloud-service/content/operations/config-pipeline

https://experienceleague.adobe.com/en/docs/experience-manager-cloud-service/content/security/traffic-filter-rules-including-waf

https://experienceleague.adobe.com/en/docs/experience-manager-cloud-service/content/implementing/content-delivery/cdn-credentials-authentication#basic-auth

Aemasacloudservice
New Feature Releases
Aem Developer
Aem Architect

--

--

Kinjal P Darji
Kinjal P Darji

Written by Kinjal P Darji

151 Followers
33 Following

Hi, I'm an AEM Architect and AWS Certified Developer. I also hold PG certificate in AIML by IIIT Hyderabad.

No responses yet

Help

Status

About

Careers

Press

Blog

Privacy

Rules

Terms

Text to speech