I have several Servlets successfully deployed but, they are all using GET
I have added a servlet for POST. Below is a snippet of relevant code.
I have removed POST from "Apache Granite CSRF" and "Apache Sling Referrer Filter" - and enabled Empty.
I am getting this error:
@component(service = Servlet.class, property = {
Constants.SERVICE_DESCRIPTION + "=Servlet to return PDF",
"sling.servlet.methods=" + HttpConstants.METHOD_POST,
"sling.servlet.paths=" + "/bin/StreamPDF" })
@ServiceDescription("PDF Servlet")
public class StreamPDF extends SlingSafeMethodsServlet {
...
private static final Logger log = LoggerFactory.getLogger(StreamPDF.class);
protected void doPost(final SlingHttpServletRequest request, final SlingHttpServletResponse response) throws ServletException, IOException {
....
}
Any ideas?
Solved! Go to Solution.
Views
Replies
Total Likes
I have created this post servlet few days back and it worked for me, refer this if it may help you.
package com.aem.vk.core.servlets;
import org.apache.commons.io.IOUtils;
import org.apache.sling.api.SlingHttpServletRequest;
import org.apache.sling.api.SlingHttpServletResponse;
import org.apache.sling.api.resource.Resource;
import org.apache.sling.api.servlets.SlingAllMethodsServlet;
import org.json.JSONException;
import org.json.JSONObject;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.Reference;
import javax.jcr.Node;
import javax.jcr.PathNotFoundException;
import javax.jcr.RepositoryException;
import javax.jcr.ValueFormatException;
import javax.servlet.Servlet;
import javax.servlet.ServletException;
import javax.sql.DataSource;
import java.io.IOException;
import java.io.InputStream;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.SQLException;
@Component(service = Servlet.class, property = { "sling.servlet.methods=get", "sling.servlet.methods=post",
"sling.servlet.paths=/bin/storeafsubmission" })
public class HandleAdaptiveFormSubmission extends SlingAllMethodsServlet {
//private static final Logger log = LoggerFactory.getLogger(HandleAdaptiveFormSubmission.class);
private static final long serialVersionUID = 1L;
@Reference(target = "(&(objectclass=javax.sql.DataSource)(datasource.name=AEM_MYSQL_DB))")
private DataSource dataSource;
protected void doPost(SlingHttpServletRequest request, SlingHttpServletResponse response) throws ServletException {
JSONObject afSubmittedData;
try {
afSubmittedData = new JSONObject(request.getParameter("jcr:data"));
// we will only store the data bound to schema
JSONObject dataToStore = afSubmittedData.getJSONObject("afData").getJSONObject("afBoundData")
.getJSONObject("data");
String formName = afSubmittedData.getJSONObject("afData").getJSONObject("afSubmissionInfo")
.getString("afPath");
//log.debug("The form name is " + formName);
insertData(dataToStore, formName);
} catch (JSONException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (ClassNotFoundException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (SQLException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
public void insertData(org.json.JSONObject jsonData, String formName) throws ClassNotFoundException, SQLException {
//log.debug("The json object I got to insert was " + jsonData.toString());
String insertTableSQL = "INSERT INTO db_vk.formsubmissions(formdata,formname) VALUES(?,?)";
//log.debug("The query is " + insertTableSQL);
Connection c = getConnection();
//Connection c = getConn();
PreparedStatement pstmt = null;
try {
pstmt = null;
pstmt = c.prepareStatement(insertTableSQL);
pstmt.setString(1, jsonData.toString());
pstmt.setString(2, formName);
//log.debug("Executing the insert statment " + pstmt.executeUpdate());
pstmt.executeUpdate();
c.commit();
} catch (SQLException e) {
//log.error("Getting errors", e);
} finally {
if (pstmt != null) {
try {
pstmt.close();
} catch (SQLException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
if (c != null) {
try {
c.close();
} catch (SQLException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
}
}
public Connection getConnection() {
//log.debug("Getting Connection ");
Connection con = null;
try {
con = dataSource.getConnection();
// log.debug("got connection");
return con;
} catch (Exception e) {
// log.error("not able to get connection ", e);
}
return null;
}
public String getJSONSchema(String afPath) {
// TODO Auto-generated method stub
afPath = afPath.replaceAll("/content/dam/formsanddocuments/", "/content/forms/af/");
Resource afResource = getResolver.getServiceResolver().getResource(afPath + "/jcr:content/guideContainer");
Node resNode = afResource.adaptTo(Node.class);
String schemaNode = null;
try {
schemaNode = resNode.getProperty("schemaRef").getString();
} catch (ValueFormatException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (PathNotFoundException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (RepositoryException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
if (schemaNode.startsWith("/content/dam")) {
//log.debug("The schema is in the dam");
afResource = getResolver.getServiceResolver()
.getResource(schemaNode + "/jcr:content/renditions/original/jcr:content");
resNode = afResource.adaptTo(Node.class);
InputStream jsonSchemaStream = null;
try {
jsonSchemaStream = resNode.getProperty("jcr:data").getBinary().getStream();
Charset charset = StandardCharsets.UTF_8;
String jasonSchemaString = IOUtils.toString(jsonSchemaStream, charset);
//log.debug("The Schema is " + jasonSchemaString);
return jasonSchemaString;
} catch (ValueFormatException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (PathNotFoundException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (RepositoryException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
if (schemaNode.startsWith("/assets")) {
afResource = getResolver.getServiceResolver()
.getResource(afPath + "/jcr:content/guideContainer/" + schemaNode + "/jcr:content");
resNode = afResource.adaptTo(Node.class);
InputStream jsonSchemaStream = null;
try {
jsonSchemaStream = resNode.getProperty("jcr:data").getBinary().getStream();
Charset charset = StandardCharsets.UTF_8;
String jasonSchemaString = IOUtils.toString(jsonSchemaStream, charset);
//log.debug("The Schema is " + jasonSchemaString);
return jasonSchemaString;
} catch (ValueFormatException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (PathNotFoundException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (RepositoryException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
return null;
}
}
I have created this post servlet few days back and it worked for me, refer this if it may help you.
package com.aem.vk.core.servlets;
import org.apache.commons.io.IOUtils;
import org.apache.sling.api.SlingHttpServletRequest;
import org.apache.sling.api.SlingHttpServletResponse;
import org.apache.sling.api.resource.Resource;
import org.apache.sling.api.servlets.SlingAllMethodsServlet;
import org.json.JSONException;
import org.json.JSONObject;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.Reference;
import javax.jcr.Node;
import javax.jcr.PathNotFoundException;
import javax.jcr.RepositoryException;
import javax.jcr.ValueFormatException;
import javax.servlet.Servlet;
import javax.servlet.ServletException;
import javax.sql.DataSource;
import java.io.IOException;
import java.io.InputStream;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.SQLException;
@Component(service = Servlet.class, property = { "sling.servlet.methods=get", "sling.servlet.methods=post",
"sling.servlet.paths=/bin/storeafsubmission" })
public class HandleAdaptiveFormSubmission extends SlingAllMethodsServlet {
//private static final Logger log = LoggerFactory.getLogger(HandleAdaptiveFormSubmission.class);
private static final long serialVersionUID = 1L;
@Reference(target = "(&(objectclass=javax.sql.DataSource)(datasource.name=AEM_MYSQL_DB))")
private DataSource dataSource;
protected void doPost(SlingHttpServletRequest request, SlingHttpServletResponse response) throws ServletException {
JSONObject afSubmittedData;
try {
afSubmittedData = new JSONObject(request.getParameter("jcr:data"));
// we will only store the data bound to schema
JSONObject dataToStore = afSubmittedData.getJSONObject("afData").getJSONObject("afBoundData")
.getJSONObject("data");
String formName = afSubmittedData.getJSONObject("afData").getJSONObject("afSubmissionInfo")
.getString("afPath");
//log.debug("The form name is " + formName);
insertData(dataToStore, formName);
} catch (JSONException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (ClassNotFoundException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (SQLException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
public void insertData(org.json.JSONObject jsonData, String formName) throws ClassNotFoundException, SQLException {
//log.debug("The json object I got to insert was " + jsonData.toString());
String insertTableSQL = "INSERT INTO db_vk.formsubmissions(formdata,formname) VALUES(?,?)";
//log.debug("The query is " + insertTableSQL);
Connection c = getConnection();
//Connection c = getConn();
PreparedStatement pstmt = null;
try {
pstmt = null;
pstmt = c.prepareStatement(insertTableSQL);
pstmt.setString(1, jsonData.toString());
pstmt.setString(2, formName);
//log.debug("Executing the insert statment " + pstmt.executeUpdate());
pstmt.executeUpdate();
c.commit();
} catch (SQLException e) {
//log.error("Getting errors", e);
} finally {
if (pstmt != null) {
try {
pstmt.close();
} catch (SQLException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
if (c != null) {
try {
c.close();
} catch (SQLException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
}
}
public Connection getConnection() {
//log.debug("Getting Connection ");
Connection con = null;
try {
con = dataSource.getConnection();
// log.debug("got connection");
return con;
} catch (Exception e) {
// log.error("not able to get connection ", e);
}
return null;
}
public String getJSONSchema(String afPath) {
// TODO Auto-generated method stub
afPath = afPath.replaceAll("/content/dam/formsanddocuments/", "/content/forms/af/");
Resource afResource = getResolver.getServiceResolver().getResource(afPath + "/jcr:content/guideContainer");
Node resNode = afResource.adaptTo(Node.class);
String schemaNode = null;
try {
schemaNode = resNode.getProperty("schemaRef").getString();
} catch (ValueFormatException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (PathNotFoundException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (RepositoryException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
if (schemaNode.startsWith("/content/dam")) {
//log.debug("The schema is in the dam");
afResource = getResolver.getServiceResolver()
.getResource(schemaNode + "/jcr:content/renditions/original/jcr:content");
resNode = afResource.adaptTo(Node.class);
InputStream jsonSchemaStream = null;
try {
jsonSchemaStream = resNode.getProperty("jcr:data").getBinary().getStream();
Charset charset = StandardCharsets.UTF_8;
String jasonSchemaString = IOUtils.toString(jsonSchemaStream, charset);
//log.debug("The Schema is " + jasonSchemaString);
return jasonSchemaString;
} catch (ValueFormatException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (PathNotFoundException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (RepositoryException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
if (schemaNode.startsWith("/assets")) {
afResource = getResolver.getServiceResolver()
.getResource(afPath + "/jcr:content/guideContainer/" + schemaNode + "/jcr:content");
resNode = afResource.adaptTo(Node.class);
InputStream jsonSchemaStream = null;
try {
jsonSchemaStream = resNode.getProperty("jcr:data").getBinary().getStream();
Charset charset = StandardCharsets.UTF_8;
String jasonSchemaString = IOUtils.toString(jsonSchemaStream, charset);
//log.debug("The Schema is " + jasonSchemaString);
return jasonSchemaString;
} catch (ValueFormatException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (PathNotFoundException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (RepositoryException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
return null;
}
}
Yes, my servlet is structured almost exactly the same
The msg is pointing to the CSRF filter, so a couple of quick checks:
Under /configMgr >> Adobe Granite CSRF Filter
- Did you add Add the servlet (/bin/StreamPDF) to the Excluded Paths ("filter.excluded.paths") to whitelist your servlet path?
- Enable the POST method
I did everything that is instructed. Super weird.
I think we may need to deep dive into the server-side logs once. Also, are you hitting the servlet via publish or dispatcher URL?
For a quicker turnaround, could you please raise a support ticket to discuss this issue over a screenshare?
@crich2784 here is the complete steps and sample
Make sure you are extending sling all methods servlet
The solution to my problem was easy.
I was using SlingSafeMethodsServlet instead of SlingAllMethodsServlet
* SlingSafeMethodsServlet - If we want to use only the read-only methods then we use this. This base class is actually just a better implementation of the Servlet API HttpServlet class which accounts for extensibility. So extensions of this class have great control over what methods to overwrite. It supports GET, HEAD, OPTIONS etc methods.
* SlingAllMethodsServlet - If we want to use methods that write as well, then we use this. This class extends the SlingSafeMethodsServlet by support for the POST, PUT and DELETE methods.