I have a faint memory that I did encounter something similar a while back. I not sure but I think my problem was that when I saved my authentication config it contained the line service.bundleLocation=slinginstall:org.apache.sling.auth.core-1.x.x-SNAPSHOT.jar then later when I updated my sling instance that actual bundle version was no longer present or was an old one that did not work as intended with the other updated components. I think the actual file where the config is stored is located at <sling-work>/config/org/apache/sling/engine/impl/auth/SlingAuthenticator.config .
/Pontus On 2 August 2013 18:07, Oliver Lietz <[email protected]> wrote: > Am Freitag, 2. August 2013 schrieb Felix Meschberger: > > Hi > > hello Felix, > > > I would assume the Sling Authentication Service has HTTP Basic > > Authentication enabled with preemptive support. This means a 401 response > > is never sent. Reconfiguring the Authentication Service to fully enable > > HTTP Basic Authentication should do the trick. > > it's already configured with full support. Any other idea? > > Regards, > O. > > > Hope this helps. > > > > Regards > > Felix > > > > Am 02.08.2013 um 13:38 schrieb Oliver Lietz: > > > hello all, > > > > > > I'm porting an application from Vaadin to Sling using HTML and a custom > > > Sling Servlet (service with property sling.servlet.paths). > > > This works fine, but securing this application with HTTP Basic > > > Authentication Handler does not work. > > > > > > - Allow Anonymous Access is enabled (in Apache Sling Authentication > > > Service configuration) > > > > > > - Authentication Requirements is empty (in Apache Sling Authentication > > > Service configuration) > > > > > > - HTTP Basic Authentication Handler is the only handler and registered > > > for path / > > > > > > - the custom servlet sets sling.auth.requirements to > > > {"+/services/myservlet", "+/content/myapp"} (myapp contains the HTML in > > > JCR, no ACLs changed) > > > > > > - Authenticator (slingauth) shows Authentication Required Yes for > > > /services/myservlet and /content/myapp and No for / (and also No for > > > /system/sling/logout, /system/sling/login, /server) > > > > > > I expect the browser to ask for username and password when accessing > > > /content/myapp and /services/myservlet, but that does not happen. > > > What is missing? Is this intended behavior or a bug (same behavior on > > > current Sling and CQ 5.5)? > > > > > > thanks, > > > O. >
