Hi We at Peregrine CMS ran into an issue with Sling 11 and the Sling Authenticator. I adjusted the scenario to plain Sling to explain.
OOTB there is not access to /etc/clientlibs/repl/ace.js meaning when I try to access that page in a browser and are not logged in I will get a 404. Now I add ‘-/etc/clientlibs/repl’ to the Sling Authenticator’s sling.auth.requirements and try again and I will still get a 404. This was working in Sling 9. Adding read permission to everyone on /etc/clientlibs/repl makes the file accessible. Giving read permission for our case is fine but it seems to me that the Sling Authenticator’s sling.auth.requirements with ‘-‘ prefix is superfluous as it does not give access to a node w/o logging in. The only thing it does is to force a login with ‘+/etc/clientlibs/repl’ even if everyone has access. Cheers - Andy
