Delivery Tier Authentication not working


I am trying to setup BasicAuthentication for one of the custom Jaxrs Rest endpoint in delivery tier application.

I am following Delivery Tier Authentication Configuration - Bloomreach Experience Manager (PaaS/Self-Hosted) - The Fast and Flexible Headless CMS

While I am trying to access my endpoint it gives me pop up and when I enter the credentials I am getting “Forbidden” despite entering correct CMS admin credentials as below,

The below config at Jaxrs component,

The below config I have done at site/webapp/src/main/webapp/WEB-INF/web.xml

I changed valve as BasicAuthenticator at site/webapp/src/main/webapp/META-INF/context.xml

Note: all other default configurations do exist at mentioned in the documentation.

Can someone please advice on this?

Thank you for reading till here!!!

One thing I noticed as below,

When I configure this it is working as expected

When I configure this it is giving me Forbidden error, so there is some issue while configuring Auth for “admin”

@jasper.floor @jeroen.hoffman can you please help in this? or any way to debug the issue?


I’m sorry I don’t see the error here right away and I currently don’t have time to see if I can reproduce your setup. You could try and put a breakpoint in the HippoAccessManager (I think that’s the right class) but it can be quite hard to understand what is going on there.