diff --git a/security/author_spec.rb b/security/author_spec.rb
index 2fded01..37bffe3 100644
--- a/security/author_spec.rb
+++ b/security/author_spec.rb
@@ -3,9 +3,17 @@
 describe 'Author', type: :feature do
   before :each do
     @conf = read_config
+    @aem_author = init_author_client(@conf['aem']['author'])
   end
 
   it 'should not be able to login using default admin password' do
+    # use aem api calls
+    aem = @aem_author.aem
+    begin
+      aem.get_agents('author')
+    rescue RubyAem::Error => error
+      # response should be unauthorized
+      expect(error.result.response.status_code).to eq(401)
+    end
   end
-
 end
diff --git a/security/publish_spec.rb b/security/publish_spec.rb
index 3871239..66b1f94 100644
--- a/security/publish_spec.rb
+++ b/security/publish_spec.rb
@@ -3,9 +3,17 @@
 describe 'Publish', type: :feature do
   before :each do
     @conf = read_config
+    @aem_publish = init_publish_client(@conf['aem']['publish'])
   end
 
   it 'should not be able to login using default admin password' do
+    # use aem api calls
+    aem = @aem_publish.aem
+    begin
+      aem.get_agents('publish')
+    rescue RubyAem::Error => error
+      # response should be unauthorized
+      expect(error.result.response.status_code).to eq(401)
+    end
   end
-
 end