Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
BedrockMission!

Learn More

View all

Sign in to view all badges

AEM upgrade from 6.3 to 6.5 issue

Avatar

Avatar
Springboard
Level 3
subrato_kha
Level 3

Likes

10 likes

Total Posts

49 posts

Correct Reply

2 solutions
Top badges earned
Springboard
Establish
Validate 1
Ignite 5
Ignite 3
View profile

Avatar
Springboard
Level 3
subrato_kha
Level 3

Likes

10 likes

Total Posts

49 posts

Correct Reply

2 solutions
Top badges earned
Springboard
Establish
Validate 1
Ignite 5
Ignite 3
View profile
subrato_kha
Level 3

07-04-2020

Hi All,

 

We are trying to upgrade from AEM 6.3 to 6.5. After the upgrade we noticed that gigya cloud configuration stopped working causing error in the jsp of gigya. On further investigation we found out that com.day.crx.security.token.impl.impl.TokenAuthenticationHandler  in OSGI have Enable encapsulated token support checkbox. Once we disable it , Gigya starts working and keeping it enabled causing gigya to fail. This work in 6.3 and we never faced issue. On further findings I found that once I enable encapsulated token the value of cp.get("tokenExpiration") in below code is null which breaks the code

<%@ page import="org.apache.jackrabbit.oak.spi.security.authentication.token.TokenConfiguration" %>
<%@ page import="org.apache.jackrabbit.oak.spi.security.ConfigurationParameters" %>

int getTokenExp(TokenConfiguration tc) {

ConfigurationParameters cp = tc.getParameters();
Long exp = Long.parseLong((String) cp.get("tokenExpiration"));
exp = exp / 1000;
return exp.intValue();
}


and when encapsulated token is disabled it returns the below highlighted  value in the image.

Screenshot 2020-04-08 at 00.49.07.png

 

want to know is there a change in AEM 6.5 related to this, what is the suggested fix?

@Jörg_Hoh @kautuk_sahni 

Accepted Solutions (1)

Accepted Solutions (1)

Avatar

Avatar
Coach
Employee
Jörg_Hoh
Employee

Likes

1,133 likes

Total Posts

3,161 posts

Correct Reply

1,079 solutions
Top badges earned
Coach
Give back 600
Ignite 5
Ignite 3
Ignite 1
View profile

Avatar
Coach
Employee
Jörg_Hoh
Employee

Likes

1,133 likes

Total Posts

3,161 posts

Correct Reply

1,079 solutions
Top badges earned
Coach
Give back 600
Ignite 5
Ignite 3
Ignite 1
View profile
Jörg_Hoh
Employee

09-04-2020

The encapsulated token is a security feature, which allows to validate the token created on a single (publish) AEM instance also on other instances. The Gigya client seems to rely on some implementation details of the token. Is there an update available for the client, which works together with encapsulated tokens?

 

Jörg

Answers (0)