Post servlet giving 403 forbidden error during post ajax call | Adobe Higher Education
Skip to main content
B
bhagchand
Level 3
April 26, 2022
Beantwoord

Post servlet giving 403 forbidden error during post ajax call

  • April 26, 2022
  • 4 reacties
  • 8943 Bekeken

Hi Team,

Hope you are doing great.

 

Can you please me to resolve 403 error during post servlet call 

Forbidden

Cannot serve request to /bin/servlets/job-apply on this server

Apache Sling

import Vue from 'vue';
import Axios from "axios";

if(document.getElementById("job-details")){

var app = new Vue({
el: '#job-listing',
data:{
jobList: [],
},

mounted(){
const now = new Date();
var origin = location.origin;
var URL = origin+"/bin/servlets/job-apply";
const config = {
headers: {
"Content-Type": "application/json; charset=utf-8"
}
}
Axios.post(URL, config)
.then(response =>{
this.jobList = response.data;
console.log(this.jobList,'bhagchand saini')
});
},
})
}
 
 

package com.ranosys.website.core.servlets;

import java.io.IOException;

import javax.servlet.Servlet;
import javax.servlet.ServletException;

import org.apache.sling.api.SlingHttpServletRequest;
import org.apache.sling.api.SlingHttpServletResponse;
import org.apache.sling.api.servlets.HttpConstants;
import org.apache.sling.api.servlets.SlingAllMethodsServlet;
import org.osgi.framework.Constants;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.Reference;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import com.ranosys.website.core.services.SalesforceHttpService;

/**

*
* This method makes an HTTP call send data to salesforce
*
*/
@8220494(service = Servlet.class, property = { Constants.SERVICE_DESCRIPTION + "=HTTP servlet",
"sling.servlet.methods=" + HttpConstants.METHOD_POST, "sling.servlet.paths=" + "/bin/servlets/job-apply" })
public class SalesforceJobApply extends SlingAllMethodsServlet {

/**
* Generated serialVersionUid
*/
private static final long serialVersionUID = -2014397651676211439L;

/**
* Logger
*/
private static final Logger log = LoggerFactory.getLogger(SalesforceJobApply.class);

@3214626
private SalesforceHttpService httpService;

/**
* Overridden doPost() method
*/
@9944223
protected void doPost(SlingHttpServletRequest request, SlingHttpServletResponse response) throws ServletException, IOException{
log.error("---------basfhdsaggsaddshj----------");
try {
log.info("---------basfhdsaggsaddshj----------");
//response.getWriter().println(jsonResponse2);

} catch (Exception e) {

log.error(e.getMessage(), e);
}
}

}

 

Can you please anyone help on this

 

Er kunnen geen reacties meer worden geplaatst op dit onderwerp.
Beste antwoord door DEBAL_DAS

still same, I am using AEM as CS

Can you please help me on this.
Thanks


Could you please refer https://sourcedcode.com/blog/video-tutorial/how-to-make-simple-http-post-methods-in-aem-with-a-http-rest-client and try.

4 reacties

DEBAL_DAS
DEBAL_DAS
New Member
April 26, 2022

Could you please try the below one -

 

To make this form submission process operational on AEM instance I have added servlet path via

http://<aem-instance>:port/system/console/configMgr

 

Please use your servlet path: /bin/servlets/job-apply in above configuration and let me know.

Debal Das, Senior AEM Consultant
    B
    bhagchandAuteur
    Level 3
    April 26, 2022

    thanks let me check

     

      S
      shikharsharma6121
      April 26, 2023

      Hi all,

      Make all the changes in the configuration as mentioned in https://sourcedcode.com/blog/video-tutorial/how-to-make-simple-http-post-methods-in-aem-with-a-http-rest-client 

      Still getting 403 forbidden error while masking POST request to the servlet from other domain, also added the domain name of the application from which our servlet is getting called in allow origin in the Adobe Granite Cross Origin Resource Shairing Policy configuration. Remove POST from filter methods in Adobe Granite CSRF Filter configuration and added servlet path in excluded path of this configuration. 

       

      can anyone please help on this

        Uppari_Ramesh
        Uppari_Ramesh
        Level 5
        July 14, 2023

        @bhagchand 

        Simple way to debug this is go to you error.log file and search for your endpoint or name of servlet API. There you can see why the request is failing. Mostly it will be 

        com.adobe.granite.csrf.impl.CSRFFilter isValidRequest: empty CSRF token - rejecting

         Then you can add your servlet path in excluded path then it will work.

         

        If issue is not with CSRF then you can actual issue in error.log

          rk_pandian
          rk_pandian
          Level 4
          October 5, 2023

          If this is a CSRF filter issue then I think the best way to handle this is by following Adobe's recommendation - by generating a CSRF token while submitting a POST request (for authenticated users).

           

          Please check the logs as @uppari_ramesh mentioned & if you see CSRF related error messages then please follow the steps in this link: https://experienceleague.adobe.com/docs/experience-manager-learn/cloud-service/developing/advanced/csrf-protection.html?lang=en

           

          Note: In some cases your CDN might block the token generation, which needs whitelisting. Also the above link is under cloud service, so not sure if it works for non-cloud as well. Hope this helps.

          ForumvoorwaardenAccessibility statement

          Loading footer...