Expand my Community achievements bar.

SOLVED

AEM Post Servlet Ajax call fails on first time call when page opened in new browser.

Avatar

Level 2
Level 2
5/22/17 11:38:09 PM

I have a requirement to post a comment on successful authentication and I'm using AEM login mechanism as below:

1. Login using AJAX call

$(document).ready(function() { if(userName && password) { $.ajax({ type:'POST', url : path[0]+"/j_security_check", data: { j_username: userName, j_password: password, j_validate:"true" }, success: function(data, textStatus, jqXHR){ console.log("passed security authentication"); postCommentFunction(); }, error: function(xhr, textStatus) { console.log(textStatus); } }); } else { //error authentication } }

2. On successful authentication, the postCommentFunction() which is a javascript function is executed which in turns executes an Ajax call to servlet to post a comment.

function postCommentFunction() { var userName=$(".username").val(); var pageUrl = $(".page-url").val(); var pagetitle = $(".page-title").val(); var comment = $(".comments-area").val(); var operation = "comment"; $.ajax({ url : "/bin/likesAndCommentsNotifier", type : "POST", data : {comment:comment, pageUrl:pageUrl, pageTitle:pagetitle, operation:operation, userName:userName}, success : function(data, textStatus, jqXHR) { console.log("postcomment success"); }, error : function(xhr, status, error){ console.log("postcomment error is:" + xhr.responseText + error); } }); }

However, when I first open a new browser and enter the URL and open the page, I click on the login window, enter correct username and password, and on click on submit:

1. The ready function executes the if condition and I see message on console as 'passed security authentication'

2. Then it gives call to postCommentFunction() but executes a error on call to Ajax and returns message as 'postcomment error is: 403 Forbidden. Cannot serve request to /bin/likesAndCommentNotifier in /libs/sling/servlet/errorhandler/default.jsp'

3. When I refresh the page and try again, the postCommentFunction() returns success.

Not sure if this has to do with login token which is created or the Ajax function called inside a JS function called inside a Ajax function.

The case is only when I first open a new browser and try to login the Ajax call inside the function postCommentFunction() fails.

Any pointers will be appreciated greatly.

Thanks,

Jineet

Views

3.7K

Replies

5
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Level 7
Level 7
5/23/17 8:31:24 AM

Are you using AEM from a Dispatcher?

If yes, you need to be sure that dispatcher is configured in order to allow pass of csrf-tocket header and filter allow the following path /libs/granite/csrf/token.json

Otherwise token taked with the token.json is not sent to AEM.

View solution in original post

Views

2.0K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
5 Replies

Avatar

Level 7
Level 7
5/23/17 5:21:54 AM

Hi,

are you using jquery from AEM or custom jquery?

I think this could be a problem related to csrf token.

If you are using custom jquery you need to add a dependency to granite.csrf.standalone clientlib, in order to avoid 403 from AEM [0].

[0] https://docs.adobe.com/docs/en/aem/6-2/develop/security/csrf-protection.html

Let me know.

Views

1.9K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 8
Level 8
5/23/17 5:46:31 AM

You need to update the users information in the browser.  Try the below.  It clears any current information stored in the users profile and reloads it after successful login.

$(document).ready(function() { if(userName && password) { if (CQ_Analytics) { if (CQ_Analytics.ProfileDataMgr) { //Clear the current profile CQ_Analytics.ProfileDataMgr.clear(); } } $.ajax({ type:'POST', url : path[0]+"/j_security_check", data: { j_username: userName, j_password: password, j_validate:"true" }, success: function(data, textStatus, jqXHR){ console.log("passed security authentication"); if (CQ_Analytics) { //Load the users profile CQ_Analytics.ProfileDataMgr.loadProfile(userName); postCommentFunction(); } }, error: function(xhr, textStatus) { console.log(textStatus); } }); } else { //error authentication } }

Views

2.3K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 2
Level 2
5/23/17 7:40:54 AM

When I change the second Ajax call method in function postCommentFunction() from POST to GET after adding doGet method in Java Servlet, this works.

Not sure what it has to do with POST.

Views

2.0K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Correct answer by
Level 7
Level 7
5/23/17 8:31:24 AM

Are you using AEM from a Dispatcher?

If yes, you need to be sure that dispatcher is configured in order to allow pass of csrf-tocket header and filter allow the following path /libs/granite/csrf/token.json

Otherwise token taked with the token.json is not sent to AEM.

Views

2.0K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply