AEM upgrade from 6.3 to 6.5 issue

Question

Hi All,

We are trying to upgrade from AEM 6.3 to 6.5. After the upgrade we noticed that gigya cloud configuration stopped working causing error in the jsp of gigya. On further investigation we found out that com.day.crx.security.token.impl.impl.TokenAuthenticationHandler in OSGI have Enable encapsulated token support checkbox. Once we disable it , Gigya starts working and keeping it enabled causing gigya to fail. This work in 6.3 and we never faced issue. On further findings I found that once I enable encapsulated token the value of cp.get("tokenExpiration") in below code is null which breaks the code

<%@ page import="org.apache.jackrabbit.oak.spi.security.authentication.token.TokenConfiguration" %>
<%@ page import="org.apache.jackrabbit.oak.spi.security.ConfigurationParameters" %>

int getTokenExp(TokenConfiguration tc) {

ConfigurationParameters cp = tc.getParameters();
Long exp = Long.parseLong((String) cp.get("tokenExpiration"));
exp = exp / 1000;
return exp.intValue();
}

and when encapsulated token is disabled it returns the below highlighted value in the image.

want to know is there a change in AEM 6.5 related to this, what is the suggested fix?

@joerghoh @kautuk_sahni

joerghoh · Accepted Answer

The encapsulated token is a security feature, which allows to validate the token created on a single (publish) AEM instance also on other instances. The Gigya client seems to rely on some implementation details of the token. Is there an update available for the client, which works together with encapsulated tokens?

Jörg

subrato_kha · Answer

issue solved

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded