Servlet accessible on author instance | Adobe Higher Education
Skip to main content
October 16, 2015
Risolto

Servlet accessible on author instance

  • October 16, 2015
  • 8 risposte
  • 3365 visualizzazioni

I made a servlet eg:

@SlingServlet(paths = { "/servlets/exampleServlet" }, methods = { "POST" }, extensions = { "json" }) public class ExampleServlet extends SlingAllMethodsServlet { @Override protected void doPost(SlingHttpServletRequest request, SlingHttpServletResponse response) throws ServletException, IOException { //return something } }

The thing is that my servlet is accessible when I access it on publish instance. But when I try to access it on admin instance it returns 401 http code.

Can I make it accessible on my author instance and how?

Questo argomento è stato chiuso alle risposte.
Migliore risposta di smacdonald2008

If uou are invoking the servlet from outside cq, make sure you authenticate in the http request.  

Here is an article that posts files to cq from a java swing app

https://helpx.adobe.com/experience-manager/using/post_files.html

This example posts using this java code:

//Posts the selected file to AEM
    private static void postAEM(File file, String host, String path, String mimeType)
    {
        try {
 
            String aemPostUrl = host+"/bin/upfile";
             HttpPost post = new HttpPost(aemPostUrl);
            org.apache.http.entity.mime.MultipartEntity entity = new org.apache.http.entity.mime.MultipartEntity ();
            byte[] b = new byte[(int)file.length()];
            org.apache.http.entity.mime.content.FileBody fileBody = new org.apache.http.entity.mime.content.FileBody(file, mimeType) ;
            org.apache.http.entity.mime.content.StringBody imageTitle = new org.apache.http.entity.mime.content.StringBody(path);
 
            entity.addPart("imageTitle", imageTitle);
            entity.addPart("image", fileBody);
            post.setEntity(entity);
 
            org.apache.http.impl.client.DefaultHttpClient client = new org.apache.http.impl.client.DefaultHttpClient();
            org.apache.http.HttpResponse response = null;
 
            response = client.execute(post);
            System.out.println("Done") ;
        } catch (Exception e) {
            e.printStackTrace();
        }
 
    }

 

This is an example of invoking a servlet from outside cq.

8 risposte

Adobe Employee
October 16, 2015

Hi Marko,

As far as I can say, this behavior is expected. Every request made to an author instance must be authenticated.

Moreover, I noticed you're trying to bind a Servlet to a specific path. I wanted to let you know that it is recommended to bind your servlet to a resource type. This way you can easily rely on ACL to restrict access to your instance but also have multiple configurations stored at a node level.

Hope that helps,

Alex

October 16, 2015

Are you saying it cannot be accessed like this? I know this is default behavior, but I want to make it accessible.
I do not see how I would use the servlet bound to resource type (i do not have any resource here to bind it with - i just need only one servlet).
What I need is a third party accessing the API through servlet. It has some internal logic that based on parameters returns correct json.
 

smacdonald2008
Level 10
October 16, 2015

Try using an ajax request to do this. 

https://helpx.adobe.com/experience-manager/using/custom-sling-servlets.html

Invoking a servlet on author is not an issue. It works.

October 16, 2015

No. I do not need ajax request on server. I have loads of other servlets for ajax and post that work on author instance. Why do they work? They have a session being previously logged on. 

What I need is a servlet that will be accessible for a third party application, not any browser or javascript requests that already have cookies. 

smacdonald2008
Level 10
October 16, 2015

If uou are invoking the servlet from outside cq, make sure you authenticate in the http request.  

Here is an article that posts files to cq from a java swing app

https://helpx.adobe.com/experience-manager/using/post_files.html

This example posts using this java code:

//Posts the selected file to AEM
    private static void postAEM(File file, String host, String path, String mimeType)
    {
        try {
 
            String aemPostUrl = host+"/bin/upfile";
             HttpPost post = new HttpPost(aemPostUrl);
            org.apache.http.entity.mime.MultipartEntity entity = new org.apache.http.entity.mime.MultipartEntity ();
            byte[] b = new byte[(int)file.length()];
            org.apache.http.entity.mime.content.FileBody fileBody = new org.apache.http.entity.mime.content.FileBody(file, mimeType) ;
            org.apache.http.entity.mime.content.StringBody imageTitle = new org.apache.http.entity.mime.content.StringBody(path);
 
            entity.addPart("imageTitle", imageTitle);
            entity.addPart("image", fileBody);
            post.setEntity(entity);
 
            org.apache.http.impl.client.DefaultHttpClient client = new org.apache.http.impl.client.DefaultHttpClient();
            org.apache.http.HttpResponse response = null;
 
            response = client.execute(post);
            System.out.println("Done") ;
        } catch (Exception e) {
            e.printStackTrace();
        }
 
    }

 

This is an example of invoking a servlet from outside cq.

smacdonald2008
Level 10
October 16, 2015

I use this app to upload JS/CSS files to a clientlibs folder. It works great.

October 16, 2015

Tnx for the example.I just needed to add this line to servlet to be accessible on the author. No authorization needed afterwards.

@Property(name = "sling.auth.requirements", value = "-/servlets/exampleServlet")
smacdonald2008
Level 10
October 16, 2015
When doing no authentication, keep URL secret. I use this for my own tool. For public use, use authentication.