I am trying to set up a login form that will submit through a custom login module and authentication handler, and I'm finding the configuration for the page confusing.
Does the Sling Authenticator do anything? Is all anonymous access configured through just the CQ5 security, sling authenticator, or both?
I have managed to access my page anonymously; if I curl the URL I can get the html. But access it from the browser, things go wrong, presumably because I need to configure some of the other URLs linked by the html. I am trying to work through the list of errors, but the error codes seem backwards. When I haven't granted anonymous access, I appear to get a 404 error and I get a 403 when the resource doesn't exist. What's going on?