Expand my Community achievements bar.

Don’t miss the AEM Skill Exchange in SF on Nov 14—hear from industry leaders, learn best practices, and enhance your AEM strategy with practical tips.
Read More & Register today!
SOLVED

AEM: Recommended approach for performing POST request to AEM >=6.2

Avatar

Level 4
Level 4
6/26/18 12:37:19 AM

Hello Guys, I have been searching all the forums and blogs to find out the recommended approach for implementing an http post request to my website on AEM publish instances. (Mine is a public site and there is no login feature)

Note: This is for a production instance and I don't want to rely on jquery.

Can you please suggest the approach that  I should follow in below scenarios.

1. Initiate a server to server post request (from external server to AEM server)

2. Initiate a post request from client (say a form submission on the website)

Appreciate your help here.

Regards,

Anand MN

Views

5.9K

Replies

4
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Community Advisor
Community Advisor
6/26/18 8:32:01 AM

Hi,

If you do server to server POST call, which makes it more secure than making POST call from client.

But in AEM 'Apache Sling Referrer Filter' configuration make sure the type of request which are allowed from particular domain, so AEM provide one more layer of security. So if you can go for client as well otherwise server side Post call is always advisable if traffic is less otherwise server load will be increased.

Referrer Filter settings



Arun Patidar

View solution in original post

Views

4.8K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
4 Replies

Avatar

Correct answer by
Community Advisor
Community Advisor
6/26/18 8:32:01 AM

Hi,

If you do server to server POST call, which makes it more secure than making POST call from client.

But in AEM 'Apache Sling Referrer Filter' configuration make sure the type of request which are allowed from particular domain, so AEM provide one more layer of security. So if you can go for client as well otherwise server side Post call is always advisable if traffic is less otherwise server load will be increased.

Referrer Filter settings



Arun Patidar

Views

4.8K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply

Avatar

Level 4
Level 4
12/19/18 1:46:14 AM

Dear Arun, To be honest , I doubt if this has answered my question. How will you tackle the CSRF token filter issue here ?

Let me tell you how I have solved my issue.

1. In the "Adobe Grantite CSRF Filter", add my servlet to the exclusion list.

2. Check the Allow Empty in the "Apache Sling Referrer Filter".

With the above 2 changes my post request are working in both scenarios.

Now my doubt is , is this a recommened approach for doing POST request in a production publish instance.  How can I have an integration between a non aem system and AEM with POST.

Views

5.0K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Related Conversations
Reg: Video Smartcrops in AEM 6.5

Views

41

Likes

0

Replies

1
How to propagate template code changes to sites using that template

Views

74

Likes

0

Replies

3
how to implement nonce for Content-Security-Policy script-src directive in dispatcher

Views

91

Likes

0

Replies

2
Sharing common data to multiple features in Tab component

Views

215

Likes

0

Replies

13
Ability to preview or thumbnail to preview for XF

Views

80

Likes

0

Replies

2