Types of Reports available in AEM6.4

No comments:

Enabling Encapsulation Token support in AEM

Replicating the HMAC key

The HMAC key is present as a binary property of /etc/key in the repository. You can download it separately by pressing the view link next to it:
chlimage_1
In order to replicate the key across instances, you need to:
  1. 1. Access the AEM instance, typically an author instance, that contains the key material to copy;
  2. Locate the com.adobe.granite.crypto.file bundle in the local file system. For example, under this path:
    • /crx-quickstart/launchpad/felix/bundle21
    2. The bundle.info file inside each folder will identify the bundle name.
  3. Navigate to the data folder. For example:
    • /crx-quickstart/launchpad/felix/bundle21/data
  4. 3. Copy the HMAC and master files.
  5. 4. Then, go to the target instance you want to duplicate the HMAC key to, and navigate to the data folder. For example:
    • /crx-quickstart/launchpad/felix/bundle21/data
  6. 5. Paste the two files you previously copied.
  7. 6. Refresh the Crypto Bundle if the target instance is already running.
  8. 7. Repeat the above steps for all instances you want to replicate the key to.

Enabling the Encapsulated Token

Once the HMAC key has been replicated, you can enable the Encapsulated Token via the Web Console:
    • Point your browser to http://serveraddress:port/system/console/configMgr
    • Look for an entry called Day CRX Token Authentication Handler and click it.
    • In the following window, tick the Enable encapsulated token support box and press Save.
            No comments:

            Enabling CRXDE Lite in AEM

            In order to ensure that AEM installations are as secure as possible, the security checklist recommends disabling WebDAV in production environments.
            However, CRXDE Lite depends on the org.apache.sling.jcr.davex bundle to function properly, so disabling WebDAV will effectively disable CRXDE Lite as well.
            When this happens, browsing to http://serveraddress:4502/crx/de/index.jsp will display an empty root node, and all HTTP requests to CRXDE Lite resources will fail:
            1. 404 Resource at '/crx/server/crx.default/jcr:root/.1.json' not found: No resource found

            While this recommendation is intended to reduce attack surfaces as much as possible, system administrators might sometimes need access to CRXDE Lite in order to browse content or debug issues on production instances.
            If disabled, you can turn CRXDE Lite on by following the below procedure:
            1. Go to the OSGi Components console at http://localhost:4502/system/console/components
            2. Search for the following component:
              • org.apache.sling.jcr.davex.impl.servlets.SlingDavExServlet
            3. Click the wrench icon next to it in order to see its configuration options:
              chlimage_1
            4. Create the following configuration:
              • Root path: /crx/server
              • Tick the box under Use absolute URIs.
            5. When finished using CRXDE Lite, make sure you disable WebDAV again
            You can also enable CRXDE Lite via cURL, by running this command:
            1
            curl -u admin:admin -F "jcr:primaryType=sling:OsgiConfig" -F "alias=/crx/server" -F
            "dav.create-absolute-uri=true" -F "dav.create-absolute-uri@TypeHint=Boolean"
            http://localhost:4502/apps/system/config/org.apache.sling.jcr.davex.impl.servlets.SlingDavExServlet
            No comments:
            Subscribe to: Posts (Atom)