Expand my Community achievements bar.

Dive into Adobe Summit 2024! Explore curated list of AEM sessions & labs, register, connect with experts, ask questions, engage, and share insights. Don't miss the excitement.

AEM 6.0 to 6.3 Upgrade - Authentication issue with post servlet (web service)

Avatar

Level 2

Hello,

I am having a weird issue and not sure how to resolve it! We are in the process of upgrading from AEM 6.0 to 6.3. In 6.3 we have created several web services to support almost all the UI features like Upload Asset, Get Asset, Lock/Unlock Asset etc. I am testing the same services from my local Eclipse client and Chrome Postman REST client.

Basically during testing, I am providing my user id as "AUTH_USER" header key. AEM 6.0 authenticates me using SlingAuthenticator and my ID is available as principal in the servlet code (request.getUserPrincipal()).

In case of 6.3, the web service invocation works fine first time. But then it fails to authenticate my ID for next 1 hour or so. After that period, it again works one time and so on. Following is the message I get in error.log during that "period"

16.06.2017 14:52:09.420 INFO [qtp1065074294-107] org.apache.sling.auth.core.impl.SlingAuthenticator handleLoginFailure: Unable to authenticate apaldhik: Login Failure: all modules ignored

As per Adobe support recommendation, I also added the CSRF-Token but that doesn't help (it does work without CSRF token once every hour !).

Any help/pointers are greatly appreciated.

Thanks -

Atul

0 Replies