Adobe Experience Manager Sites & More

subrato_kha · ‎16-04-2020

Hi All,

We are trying to upgrade from AEM 6.3 to 6.5. After the upgrade we noticed that gigya cloud configuration stopped working causing error in the jsp of gigya. On further investigation we found out that com.day.crx.security.token.impl.impl.TokenAuthenticationHandler in OSGI have Enable encapsulated token support checkbox. Once we disable it , Gigya starts working and keeping it enabled causing gigya to fail. This work in 6.3 and we never faced issue. On further findings I found that once I enable encapsulated token the value of cp.get("tokenExpiration") in below code is null which breaks the code

<%@ page import="org.apache.jackrabbit.oak.spi.security.authentication.token.TokenConfiguration" %>
<%@ page import="org.apache.jackrabbit.oak.spi.security.ConfigurationParameters" %>

int getTokenExp(TokenConfiguration tc) {

ConfigurationParameters cp = tc.getParameters();
Long exp = Long.parseLong((String) cp.get("tokenExpiration"));
exp = exp / 1000;
return exp.intValue();
}

and when encapsulated token is disabled it returns the below highlighted value in the image.

Screenshot 2020-04-08 at 00.49.07.png

want to know is there a change in AEM 6.5 related to this, what is the suggested fix?

@Jörg_Hoh @kautuk_sahni

subrato_kha · ‎16-04-2020

The encapsulated token is a security feature, which allows to validate the token created on a single (publish) AEM instance also on other instances. The Gigya client seems to rely on some implementation details of the token. Is there an update available for the client, which works together with encapsulated tokens?

Jörg

Adobe Experience Manager Sites & More

AEM upgrade from 6.3 to 6.5 issue

Accepted Solutions (1)

Accepted Solutions (1)

Answers (0)