Expand my Community achievements bar.

Join expert-led, customer-led sessions on Adobe Experience Manager Assets on August 20th at our Skill Exchange.
Register Now

Mark Solution

This conversation has been locked due to inactivity. Please create a new post.

403 (Forbidden) error while executing servlet

Avatar

Former Community Member
3/11/17 2:03:00 AM

Hi. My usecase is I want to fetch values from servlet which I am passing through Ajax call. I added a button and using jquery and ajax, I am calling a servlet. But I am getting an error in chrome console

POST http://10.44.42.75:4502/bin/JCRServiceServlet 403 (Forbidden)

 

Can anybody tell me what is wrong? The console is displaying the values of myFirst and myLast variables. Please find my code as below:

 

@SlingServlet(paths = "/bin/JCRServiceServlet", methods = "POST", metatype = true) public class SimpleServlet extends org.apache.sling.api.servlets.SlingAllMethodsServlet { private Logger logger = LoggerFactory.getLogger(this.getClass()); private static final long serialVersionUID = 2598426539166789515L; @Override protected void doPost(SlingHttpServletRequest request, SlingHttpServletResponse response) throws ServerException, IOException { try { String myFirst = request.getParameter("myFirst"); String myLast = request.getParameter("myLast"); logger.error("myFirst: " + myFirst); logger.error("myLast: " + myLast); } catch (Exception e) { e.printStackTrace(); } } }

 

 

 

<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js"></script> <p data-sly-test="${properties.text}">Text property: ${properties.text}</p> <pre data-sly-use.hello="com.mycompany.example.core.models.HelloWorldModel"> HelloWorldModel says: ${hello.message} </pre> <button type="button" class="button-save">Save</button> <script> $('button').click(function(){ var myFirst= "QWERTYUIOP"; var myLast= "ASDFGHJKL"; console.log(myFirst, myLast); //Use JQuery AJAX request to post data to a Sling Servlet $.ajax({ type: 'POST', url:'/bin/JCRServiceServlet', data:{'myFirst' : myFirst,'myLast' : myLast}, success: function(msg){ alert("Received response from servlet"); } }); }); </script>

Views

22.8K

Replies

7

Total Likes

Translate
Translate
7 Replies

Avatar

Former Community Member
3/11/17 2:07:49 AM

If I hit this URL http://10.44.42.75:4502/bin/JCRServiceServlet, I see the below log on page.

 

Method GET not supported Cannot serve request to /bin/JCRServiceServlet in com.mycompany.example.core.servlets.SimpleServlet Request Progress: 0 TIMER_START{Request Processing} 0 COMMENT timer_end format is {<elapsed msec>,<timer name>} <optional message> 1 LOG Method=GET, PathInfo=/bin/JCRServiceServlet 1 TIMER_START{ResourceResolution} 1 TIMER_END{0,ResourceResolution} URI=/bin/JCRServiceServlet resolves to Resource=ServletResource, servlet=com.mycompany.example.core.servlets.SimpleServlet, path=/bin/JCRServiceServlet 1 LOG Resource Path Info: SlingRequestPathInfo: path='/bin/JCRServiceServlet', selectorString='null', extension='null', suffix='null' 1 TIMER_START{ServletResolution} 1 TIMER_START{resolveServlet(ServletResource, servlet=com.mycompany.example.core.servlets.SimpleServlet, path=/bin/JCRServiceServlet)} 1 TIMER_END{0,resolveServlet(ServletResource, servlet=com.mycompany.example.core.servlets.SimpleServlet, path=/bin/JCRServiceServlet)} Using servlet com.mycompany.example.core.servlets.SimpleServlet 1 TIMER_END{0,ServletResolution} URI=/bin/JCRServiceServlet handled by Servlet=com.mycompany.example.core.servlets.SimpleServlet 1 LOG Applying Requestfilters 1 LOG Calling filter: com.adobe.granite.requests.logging.impl.RequestLoggerImpl 1 LOG Calling filter: com.adobe.cq.social.ugcbase.security.impl.SaferSlingPostServlet 1 LOG Calling filter: org.apache.sling.bgservlets.impl.BackgroundServletStarterFilter 1 LOG Calling filter: com.adobe.granite.httpcache.impl.InnerCacheFilter 1 LOG Calling filter: com.day.cq.wcm.designimporter.CanvasPageDeleteRequestFilter 1 LOG Calling filter: com.adobe.cq.history.impl.HistoryRequestFilter 3 LOG Calling filter: com.day.cq.wcm.core.impl.WCMRequestFilter 3 LOG Calling filter: com.adobe.granite.optout.impl.OptOutFilter 3 LOG Calling filter: com.day.cq.theme.impl.ThemeResolverFilter 3 LOG Calling filter: com.day.cq.wcm.foundation.forms.impl.FormsHandlingServlet 3 LOG Calling filter: org.apache.sling.engine.impl.debug.RequestProgressTrackerLogFilter 3 LOG Calling filter: com.day.cq.analytics.provisioning.impl.UserAuthenticationRequestFilter 3 LOG Calling filter: com.adobe.cq.social.commons.cors.CORSAuthenticationFilter 3 LOG Calling filter: com.mycompany.example.core.filters.LoggingFilter 3 LOG Calling filter: com.day.cq.wcm.mobile.core.impl.redirect.RedirectFilter 3 LOG RedirectFilter did not redirect (not redirecting in author mode) 3 LOG Calling filter: com.day.cq.wcm.core.impl.warp.TimeWarpFilter 3 LOG Calling filter: org.apache.sling.rewriter.impl.RewriterFilter 3 LOG Calling filter: com.day.cq.wcm.core.impl.AuthoringUIModeServiceImpl 4 LOG Calling filter: org.apache.sling.i18n.impl.I18NFilter 4 LOG Calling filter: org.apache.sling.security.impl.ContentDispositionFilter 4 LOG Calling filter: com.adobe.granite.csrf.impl.CSRFFilter 4 LOG Calling filter: com.adobe.cq.dam.s7imaging.impl.auth.MemoryTokenAuthHandler 4 LOG Calling filter: com.day.cq.dam.core.impl.servlet.ActivityRecordHandler 4 LOG Calling filter: com.adobe.granite.resourceresolverhelper.impl.ResourceResolverHelperImpl 4 LOG Applying Componentfilters 4 LOG Calling filter: com.day.cq.wcm.core.impl.WCMComponentFilter 4 LOG Calling filter: com.day.cq.wcm.core.impl.WCMDebugFilter 4 LOG Calling filter: com.day.cq.personalization.impl.TargetComponentFilter 4 TIMER_START{com.mycompany.example.core.servlets.SimpleServlet#0} 4 LOG Applying Error filters 4 LOG Calling filter: org.apache.sling.rewriter.impl.RewriterFilter 4 LOG Calling filter: org.apache.sling.i18n.impl.I18NFilter 4 TIMER_START{handleError:status=405} 7 TIMER_END{3,handleError:status=405} Using handler /libs/sling/servlet/errorhandler/default.jsp 10 LOG Found processor for post processing ProcessorConfiguration: {contentTypes=[text/html],order=-1, active=true, valid=true, processErrorResponse=true, pipeline=(generator=Config(type=htmlparser, config={}), transformers=(Config(type=linkchecker, config={}), Config(type=mobile, config=JcrPropertyMap [node=Node[NodeDelegate{tree=/libs/cq/config/rewriter/default/transformer-mobile: { jcr:primaryType = nt:unstructured, component-optional = true}}], values={jcr:primaryType=nt:unstructured, component-optional=true}]), Config(type=mobiledebug, config=JcrPropertyMap [node=Node[NodeDelegate{tree=/libs/cq/config/rewriter/default/transformer-mobiledebug: { jcr:primaryType = nt:unstructured, component-optional = true}}], values={jcr:primaryType=nt:unstructured, component-optional=true}]), Config(type=contentsync, config=JcrPropertyMap [node=Node[NodeDelegate{tree=/libs/cq/config/rewriter/default/transformer-contentsync: { jcr:primaryType = nt:unstructured, component-optional = true}}], values={jcr:primaryType=nt:unstructured, component-optional=true}]), serializer=Config(type=htmlwriter, config={}))} 11 TIMER_END{11,Request Processing} Dumping SlingRequestProgressTracker Entries ApacheSling/2.4 (Apache Tomcat/8.0.30, Java HotSpot(TM) 64-Bit Server VM 1.8.0_92, Linux 2.6.32-573.7.1.el6.x86_64 amd64)

Views

17.9K

Replies

1

Total Likes

Translate
Translate

Avatar

Level 5
Level 5
3/11/17 8:09:34 AM
In response to Deleted Account

Your method handles POST and the request from the URL will be by default GET try any Chrome plugins like POSTMAN to do the request by POST method to test.

Views

17.9K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 2
Level 2
3/13/17 2:15:41 AM

Hi, Sonal.

A few things come to my mind... Can you please check the following?

  1. Do your POST request has an Authorization header? You are POSTing to author and mostly of the author resources require authentication;
  2. Do your POST request has a Referer header? Sling/AEM has a Referrer Filter and it may be forbidding your request;
  3. Do your POST request has a CSRF-Token header? AEM has a CSRF-Token Filter and it may be forbidding your request.

To be on the safe side, try to use the JQuery library delivered with AEM (cq.jquery clientlib).

Regards,

Daniel.

Views

17.9K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 10
Level 10
3/13/17 7:08:45 AM

Are you using your own version of JQuery or AEM version - that is cq.jquery? When using AJAX to invoke a servlet - always use cq.jquery. 

The default AEM JQuery has a token that lets you perform AJAX operations to AEM. 

Views

17.9K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Administrator
Administrator
3/14/17 1:48:29 AM

Hi

Please try this:-

1. http://localhost:4502/system/console/configMgr

2. Search for 'Apache Sling Referrer Filter'

3. Remove POST method from the filter. Then you can call your POST method anywhere.

4. Select “Allow Empty”

I hope this would help you.

~kautuk



Kautuk Sahni

Views

17.9K

Replies

1
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 1
Level 1
7/11/20 4:23:01 AM
In response to kautuk_sahni

Can we use this on the Production server also?

Views

15.2K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 9
Level 9
12/29/17 3:03:44 AM

+1 kautuksahni

Views

17.9K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Related Conversations
Need Help with Document-Based Authoring in SharePoint – 404 Error on Preview/Publish

Views

237

Likes

0

Replies

2
While deployment in Jenkins this is the error

Views

435

Likes

0

Replies

7
Issue with a custom built servlet

Views

478

Likes

0

Replies

8
Issue Regarding inner html while using dialog dropdown

Views

351

Like

1

Replies

3
Servlet-Based RTE Config Approach

Views

215

Likes

0

Replies

1