Adobe Experience Manager Sites & More

Report · ‎11-03-2017

Hi. My usecase is I want to fetch values from servlet which I am passing through Ajax call. I added a button and using jquery and ajax, I am calling a servlet. But I am getting an error in chrome console

POST http://10.44.42.75:4502/bin/JCRServiceServlet 403 (Forbidden)

Can anybody tell me what is wrong? The console is displaying the values of myFirst and myLast variables. Please find my code as below:

@SlingServlet(paths = "/bin/JCRServiceServlet", methods = "POST", metatype = true) public class SimpleServlet extends org.apache.sling.api.servlets.SlingAllMethodsServlet { private Logger logger = LoggerFactory.getLogger(this.getClass()); private static final long serialVersionUID = 2598426539166789515L; @Override protected void doPost(SlingHttpServletRequest request, SlingHttpServletResponse response) throws ServerException, IOException { try { String myFirst = request.getParameter("myFirst"); String myLast = request.getParameter("myLast"); logger.error("myFirst: " + myFirst); logger.error("myLast: " + myLast); } catch (Exception e) { e.printStackTrace(); } } }

<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js"></script> <p data-sly-test="${properties.text}">Text property: ${properties.text}</p> <pre data-sly-use.hello="com.mycompany.example.core.models.HelloWorldModel"> HelloWorldModel says: ${hello.message} </pre> <button type="button" class="button-save">Save</button> <script> $('button').click(function(){ var myFirst= "QWERTYUIOP"; var myLast= "ASDFGHJKL"; console.log(myFirst, myLast); //Use JQuery AJAX request to post data to a Sling Servlet $.ajax({ type: 'POST', url:'/bin/JCRServiceServlet', data:{'myFirst' : myFirst,'myLast' : myLast}, success: function(msg){ alert("Received response from servlet"); } }); }); </script>

Report · ‎11-03-2017

If I hit this URL http://10.44.42.75:4502/bin/JCRServiceServlet, I see the below log on page.

Method GET not supported Cannot serve request to /bin/JCRServiceServlet in com.mycompany.example.core.servlets.SimpleServlet Request Progress: 0 TIMER_START{Request Processing} 0 COMMENT timer_end format is {<elapsed msec>,<timer name>} <optional message> 1 LOG Method=GET, PathInfo=/bin/JCRServiceServlet 1 TIMER_START{ResourceResolution} 1 TIMER_END{0,ResourceResolution} URI=/bin/JCRServiceServlet resolves to Resource=ServletResource, servlet=com.mycompany.example.core.servlets.SimpleServlet, path=/bin/JCRServiceServlet 1 LOG Resource Path Info: SlingRequestPathInfo: path='/bin/JCRServiceServlet', selectorString='null', extension='null', suffix='null' 1 TIMER_START{ServletResolution} 1 TIMER_START{resolveServlet(ServletResource, servlet=com.mycompany.example.core.servlets.SimpleServlet, path=/bin/JCRServiceServlet)} 1 TIMER_END{0,resolveServlet(ServletResource, servlet=com.mycompany.example.core.servlets.SimpleServlet, path=/bin/JCRServiceServlet)} Using servlet com.mycompany.example.core.servlets.SimpleServlet 1 TIMER_END{0,ServletResolution} URI=/bin/JCRServiceServlet handled by Servlet=com.mycompany.example.core.servlets.SimpleServlet 1 LOG Applying Requestfilters 1 LOG Calling filter: com.adobe.granite.requests.logging.impl.RequestLoggerImpl 1 LOG Calling filter: com.adobe.cq.social.ugcbase.security.impl.SaferSlingPostServlet 1 LOG Calling filter: org.apache.sling.bgservlets.impl.BackgroundServletStarterFilter 1 LOG Calling filter: com.adobe.granite.httpcache.impl.InnerCacheFilter 1 LOG Calling filter: com.day.cq.wcm.designimporter.CanvasPageDeleteRequestFilter 1 LOG Calling filter: com.adobe.cq.history.impl.HistoryRequestFilter 3 LOG Calling filter: com.day.cq.wcm.core.impl.WCMRequestFilter 3 LOG Calling filter: com.adobe.granite.optout.impl.OptOutFilter 3 LOG Calling filter: com.day.cq.theme.impl.ThemeResolverFilter 3 LOG Calling filter: com.day.cq.wcm.foundation.forms.impl.FormsHandlingServlet 3 LOG Calling filter: org.apache.sling.engine.impl.debug.RequestProgressTrackerLogFilter 3 LOG Calling filter: com.day.cq.analytics.provisioning.impl.UserAuthenticationRequestFilter 3 LOG Calling filter: com.adobe.cq.social.commons.cors.CORSAuthenticationFilter 3 LOG Calling filter: com.mycompany.example.core.filters.LoggingFilter 3 LOG Calling filter: com.day.cq.wcm.mobile.core.impl.redirect.RedirectFilter 3 LOG RedirectFilter did not redirect (not redirecting in author mode) 3 LOG Calling filter: com.day.cq.wcm.core.impl.warp.TimeWarpFilter 3 LOG Calling filter: org.apache.sling.rewriter.impl.RewriterFilter 3 LOG Calling filter: com.day.cq.wcm.core.impl.AuthoringUIModeServiceImpl 4 LOG Calling filter: org.apache.sling.i18n.impl.I18NFilter 4 LOG Calling filter: org.apache.sling.security.impl.ContentDispositionFilter 4 LOG Calling filter: com.adobe.granite.csrf.impl.CSRFFilter 4 LOG Calling filter: com.adobe.cq.dam.s7imaging.impl.auth.MemoryTokenAuthHandler 4 LOG Calling filter: com.day.cq.dam.core.impl.servlet.ActivityRecordHandler 4 LOG Calling filter: com.adobe.granite.resourceresolverhelper.impl.ResourceResolverHelperImpl 4 LOG Applying Componentfilters 4 LOG Calling filter: com.day.cq.wcm.core.impl.WCMComponentFilter 4 LOG Calling filter: com.day.cq.wcm.core.impl.WCMDebugFilter 4 LOG Calling filter: com.day.cq.personalization.impl.TargetComponentFilter 4 TIMER_START{com.mycompany.example.core.servlets.SimpleServlet#0} 4 LOG Applying Error filters 4 LOG Calling filter: org.apache.sling.rewriter.impl.RewriterFilter 4 LOG Calling filter: org.apache.sling.i18n.impl.I18NFilter 4 TIMER_START{handleError:status=405} 7 TIMER_END{3,handleError:status=405} Using handler /libs/sling/servlet/errorhandler/default.jsp 10 LOG Found processor for post processing ProcessorConfiguration: {contentTypes=[text/html],order=-1, active=true, valid=true, processErrorResponse=true, pipeline=(generator=Config(type=htmlparser, config={}), transformers=(Config(type=linkchecker, config={}), Config(type=mobile, config=JcrPropertyMap [node=Node[NodeDelegate{tree=/libs/cq/config/rewriter/default/transformer-mobile: { jcr:primaryType = nt:unstructured, component-optional = true}}], values={jcr:primaryType=nt:unstructured, component-optional=true}]), Config(type=mobiledebug, config=JcrPropertyMap [node=Node[NodeDelegate{tree=/libs/cq/config/rewriter/default/transformer-mobiledebug: { jcr:primaryType = nt:unstructured, component-optional = true}}], values={jcr:primaryType=nt:unstructured, component-optional=true}]), Config(type=contentsync, config=JcrPropertyMap [node=Node[NodeDelegate{tree=/libs/cq/config/rewriter/default/transformer-contentsync: { jcr:primaryType = nt:unstructured, component-optional = true}}], values={jcr:primaryType=nt:unstructured, component-optional=true}]), serializer=Config(type=htmlwriter, config={}))} 11 TIMER_END{11,Request Processing} Dumping SlingRequestProgressTracker Entries ApacheSling/2.4 (Apache Tomcat/8.0.30, Java HotSpot(TM) 64-Bit Server VM 1.8.0_92, Linux 2.6.32-573.7.1.el6.x86_64 amd64)

Var · ‎11-03-2017

Your method handles POST and the request from the URL will be by default GET try any Chrome plugins like POSTMAN to do the request by POST method to test.

Daniel_H__A__Li · ‎13-03-2017

Hi, Sonal.

A few things come to my mind... Can you please check the following?

Do your POST request has an Authorization header? You are POSTing to author and mostly of the author resources require authentication;
Do your POST request has a Referer header? Sling/AEM has a Referrer Filter and it may be forbidding your request;
Do your POST request has a CSRF-Token header? AEM has a CSRF-Token Filter and it may be forbidding your request.

To be on the safe side, try to use the JQuery library delivered with AEM (cq.jquery clientlib).

Regards,

Daniel.

smacdonald2008 · ‎13-03-2017

Are you using your own version of JQuery or AEM version - that is cq.jquery? When using AJAX to invoke a servlet - always use cq.jquery.

The default AEM JQuery has a token that lets you perform AJAX operations to AEM.

kautuk_sahni · ‎14-03-2017

Hi

Please try this:-

1. http://localhost:4502/system/console/configMgr

2. Search for 'Apache Sling Referrer Filter'

3. Remove POST method from the filter. Then you can call your POST method anywhere.

4. Select “Allow Empty”

I hope this would help you.

~kautuk

prathameshm8988 · ‎11-07-2020

Can we use this on the Production server also?

Jitendra_S_Toma · ‎29-12-2017

+1 kautuksahni

Adobe Experience Manager Sites & More

403 (Forbidden) error while executing servlet

The ultimate experience is back.

Join us in Vegas to build skills, learn from the world's top brands, and be inspired.

Learn

Documentation

Community

Support

Resources

Adobe account

Adobe