403 Forbidden error on get servlet | Community
Skip to main content
B
BenSt10
Level 4
June 1, 2016

403 Forbidden error on get servlet

  • June 1, 2016
  • 1 reply
  • 12028 views

I'm testing a servlet I use to wait for get requests to the createpagewizard.html at a given path that redirects the requests to another directory (it's a news system, so I want new articles to always go in the appropriate year/month path). It works for the specified paths, but on paths higher int he tree, I get a 403 error:

Forbidden Cannot serve request to /mnt/overlay/wcm/core/content/sites/createpagewizard.html/content/uc/news/ in org.apache.sling.servlets.get.DefaultGetServlet Request Progress: 0 TIMER_START{Request Processing} 0 COMMENT timer_end format is {<elapsed msec>,<timer name>} <optional message> 0 LOG Method=GET, PathInfo=/mnt/overlay/wcm/core/content/sites/createpagewizard.html/content/uc/news/ 0 TIMER_START{ResourceResolution} 0 TIMER_END{0,ResourceResolution} URI=/mnt/overlay/wcm/core/content/sites/createpagewizard.html/content/uc/news/ resolves to Resource=MergedResource [path=/mnt/overlay/wcm/core/content/sites/createpagewizard.html/content/uc/news, resources=[Ljava.lang.String;@550aeead] 0 LOG Resource Path Info: SlingRequestPathInfo: path='/mnt/overlay/wcm/core/content/sites/createpagewizard.html/content/uc/news', selectorString='null', extension='null', suffix='/' 0 TIMER_START{ServletResolution} 0 TIMER_START{resolveServlet(/mnt/overlay/wcm/core/content/sites/createpagewizard.html/content/uc/news)} 0 TIMER_END{0,resolveServlet(/mnt/overlay/wcm/core/content/sites/createpagewizard.html/content/uc/news)} Using servlet org.apache.sling.servlets.get.DefaultGetServlet 0 TIMER_END{0,ServletResolution} URI=/mnt/overlay/wcm/core/content/sites/createpagewizard.html/content/uc/news/ handled by Servlet=org.apache.sling.servlets.get.DefaultGetServlet 0 LOG Applying Requestfilters 0 LOG Calling filter: com.adobe.granite.resourceresolverhelper.impl.ResourceResolverHelperImpl 0 LOG Calling filter: org.apache.sling.bgservlets.impl.BackgroundServletStarterFilter 0 LOG Calling filter: org.uc.news.core.filters.UserEditorFilter 0 LOG Calling filter: com.adobe.granite.rest.impl.servlet.ApiResourceFilter 0 LOG Calling filter: org.apache.sling.i18n.impl.I18NFilter 0 LOG Calling filter: com.adobe.granite.httpcache.impl.InnerCacheFilter 0 LOG Calling filter: org.apache.sling.rewriter.impl.RewriterFilter 0 LOG Calling filter: com.adobe.cq.mcm.campaign.servlets.CampaignCopyTracker 0 LOG Calling filter: com.day.cq.wcm.core.impl.WCMRequestFilter 0 LOG Calling filter: com.adobe.cq.history.impl.HistoryRequestFilter 0 LOG Calling filter: com.adobe.granite.optout.impl.OptOutFilter 0 LOG Calling filter: com.day.cq.wcm.foundation.forms.impl.FormsHandlingServlet 0 LOG Calling filter: com.adobe.cq.social.commons.cors.CORSAuthenticationFilter 0 LOG Calling filter: com.day.cq.analytics.provisioning.impl.UserAuthenticationRequestFilter 0 LOG Calling filter: org.apache.sling.engine.impl.debug.RequestProgressTrackerLogFilter 0 LOG Calling filter: com.day.cq.wcm.mobile.core.impl.redirect.RedirectFilter 0 LOG RedirectFilter did not redirect (not redirecting in author mode) 0 LOG Calling filter: com.day.cq.wcm.core.impl.warp.TimeWarpFilter 0 LOG Calling filter: com.day.cq.wcm.core.impl.AuthoringUIModeServiceImpl 0 LOG Calling filter: org.apache.sling.security.impl.ContentDispositionFilter 0 LOG Calling filter: com.adobe.granite.csrf.impl.CSRFFilter 0 LOG Calling filter: com.adobe.granite.requests.logging.impl.RequestLoggerImpl 0 LOG Calling filter: com.day.cq.dam.core.impl.servlet.ActivityRecordHandler 0 LOG Calling filter: com.day.cq.dam.core.impl.assetlinkshare.AdhocAssetShareAuthHandler 0 LOG Calling filter: com.adobe.cq.social.ugcbase.security.impl.SaferSlingPostServlet 0 LOG Applying Componentfilters 0 LOG Calling filter: com.day.cq.wcm.core.impl.WCMComponentFilter 1 LOG Calling filter: com.day.cq.wcm.core.impl.WCMDebugFilter 1 LOG Calling filter: com.day.cq.personalization.impl.TargetComponentFilter 1 TIMER_START{org.apache.sling.servlets.get.DefaultGetServlet#0} 1 LOG Using org.apache.sling.servlets.get.impl.helpers.StreamRendererServlet to render for extension=null 1 LOG Applying Error filters 1 LOG Calling filter: org.apache.sling.i18n.impl.I18NFilter 1 LOG Calling filter: org.apache.sling.rewriter.impl.RewriterFilter 1 TIMER_START{handleError:status=403} 1 TIMER_END{0,handleError:status=403} Using handler /libs/sling/servlet/errorhandler/default.jsp 2 LOG Found processor for post processing ProcessorConfiguration: {contentTypes=[text/html], order=-1, active=true, valid=true, processErrorResponse=true, pipeline=(generator=Config(type=htmlparser, config={}), transformers=(Config(type=linkchecker, config={}), Config(type=mobile, config=JcrPropertyMap [node=Node[NodeDelegate{tree=/libs/cq/config/rewriter/default/transformer-mobile: { jcr:primaryType = nt:unstructured, component-optional = true}}], values={jcr:primaryType=nt:unstructured, component-optional=true}]), Config(type=mobiledebug, config=JcrPropertyMap [node=Node[NodeDelegate{tree=/libs/cq/config/rewriter/default/transformer-mobiledebug: { jcr:primaryType = nt:unstructured, component-optional = true}}], values={jcr:primaryType=nt:unstructured, component-optional=true}]), Config(type=contentsync, config=JcrPropertyMap [node=Node[NodeDelegate{tree=/libs/cq/config/rewriter/default/transformer-contentsync: { jcr:primaryType = nt:unstructured, component-optional = true}}], values={jcr:primaryType=nt:unstructured, component-optional=true}]), serializer=Config(type=htmlwriter, config={}))} 3 TIMER_END{3,Request Processing} Dumping SlingRequestProgressTracker Entries

I've seen reports of this with POST servlets where it was a CSRF issue, but not GET servlet. Nothing comes up in my error logs. I've included the whole source for the servlet below (minus imports to come within length constraints):

//TODO regex like [0-9]{4} instead of the year hardcoded? @Component(metatype = true) @Service(Servlet.class) @Properties({ @Property(name = "sling.servlet.methods", value = "GET"), @Property(name = "sling.servlet.paths", value = { "/libs/wcm/core/content/sites/createpagewizard.html/content/uc/news/articles", "/libs/wcm/core/content/sites/createpagewizard.html/content/uc/news/articles/2016" }) }) public class CreationServlet extends SlingSafeMethodsServlet { private static final long serialVersionUID = 3044360007999929023L; private static final Logger log = LoggerFactory.getLogger(CreationServlet.class); @Reference private ResourceResolverFactory resolverFactory; @Override protected void doGet(final SlingHttpServletRequest req, final SlingHttpServletResponse resp) throws ServletException, IOException { try { final ResourceResolver rr = resolverFactory.getAdministrativeResourceResolver(null); final PageManager pm = rr.adaptTo(PageManager.class); boolean hasYearPart = false; String[] path = req.getPathInfo().split("/"); if(path[path.length-1].length() == 4) hasYearPart = true; // check if there is a page at /content/uc/news/articles/YYYY/MM // (for the current year and month), create them if not, then // redirect to a page creation under there Date d = new Date(); SimpleDateFormat ysdf = new SimpleDateFormat("yyyy"); SimpleDateFormat msdf = new SimpleDateFormat("MM"); String yearpart = ysdf.format(d); // gets something like 2016 String monthpart = msdf.format(d); // gets something like 01 String baseurl = "/content/uc/news/articles"; String template = "/conf/news/settings/wcm/templates/news-portal"; Resource articleRes = rr.resolve(baseurl); Page yearPage = null; Page monthPage = null; if(articleRes.getChild(yearpart) != null) yearPage = articleRes.getChild(yearpart).adaptTo(Page.class); if (yearPage == null) { yearPage = pm.create(baseurl, yearpart, template, yearpart); rr.commit(); } if(articleRes.getChild(yearpart) != null && articleRes.getChild(yearpart).getChild(monthpart) != null) monthPage = articleRes.getChild(yearpart).getChild(monthpart).adaptTo(Page.class); if (monthPage == null) { monthPage = pm.create(baseurl + "/" + yearpart, monthpart, template, monthpart); rr.commit(); } if(hasYearPart) resp.sendRedirect(yearpart + "/" + monthpart); else resp.sendRedirect("articles/" + yearpart + "/" + monthpart); } catch (Exception e) { resp.getWriter().println(e); for(StackTraceElement ln : e.getStackTrace()) resp.getWriter().println(ln); } } }

The only thing I can think is happening is something with the lowerlevel funtionality of the servlet resolver, but the note from the sling documentation: "A servlet using this property might be ignored unless its path is included in the Execution Paths (servletresolver.paths) configuration setting of the SlingServletResolver service." doesn't seem to apply in this case. I'm using a servler elsewhere at /bin/news/articles (and /bin/news/articles.rss and .json) with no issues--perhaps this is a problem because there is a servlet listening at  /mnt/overlay/wcm/core/content/sites/createpagewizard.html already?

Any help is appreciated. Thanks

This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.

1 reply

L
leeasling
Level 8
June 1, 2016

You have your servlet restricted to 2 paths, so the path that you're trying to use will be a 403 because you haven't allowed access to it.

@Property(name = "sling.servlet.paths", value = { "/libs/wcm/core/content/sites/createpagewizard.html/content/uc/news/articles", "/libs/wcm/core/content/sites/createpagewizard.html/content/uc/news/articles/2016" })

If you want to add access to the location you're trying, modify to this

@Property(name = "sling.servlet.paths", value = { "/libs/wcm/core/content/sites/createpagewizard.html/content/uc/news" })

And that covers all of the paths.

B
BenSt10Author
Level 4
June 1, 2016

Sorry, perhaps I wasn't being clear.

I only want the srevet to run on those 2 paths, everything else should fall back to whatever other servlet was running on the default for the page creation wizard.

I make plenty of there Get requests (inclusing creating pages under /content/geometrix...) for example that are served up just fine, so I'm not really clear on what's happening for this set of paths

Tuhin_Ghosh
Tuhin_Ghosh
Level 8
June 2, 2016

I agree with leeasling,

But if you want to access your servlet by those two paths only then thats fine, its only that by the logs you have attached it seems you are trying to access it from a parent path which is not mapped anywhere in OSGI to any servlet. Thus you are getting this exception. Not sure if this was the answer you were looking for though.

Thanks

Tuhin

Terms & ConditionsAccessibility statement

Loading footer...