AEM upgrade from 6.3 to 6.5 issue

subrato_kha

07-04-2020

Hi All,

 

We are trying to upgrade from AEM 6.3 to 6.5. After the upgrade we noticed that gigya cloud configuration stopped working causing error in the jsp of gigya. On further investigation we found out that com.day.crx.security.token.impl.impl.TokenAuthenticationHandler  in OSGI have Enable encapsulated token support checkbox. Once we disable it , Gigya starts working and keeping it enabled causing gigya to fail. This work in 6.3 and we never faced issue. On further findings I found that once I enable encapsulated token the value of cp.get("tokenExpiration") in below code is null which breaks the code

<%@ page import="org.apache.jackrabbit.oak.spi.security.authentication.token.TokenConfiguration" %>
<%@ page import="org.apache.jackrabbit.oak.spi.security.ConfigurationParameters" %>

int getTokenExp(TokenConfiguration tc) {

ConfigurationParameters cp = tc.getParameters();
Long exp = Long.parseLong((String) cp.get("tokenExpiration"));
exp = exp / 1000;
return exp.intValue();
}


and when encapsulated token is disabled it returns the below highlighted  value in the image.

Screenshot 2020-04-08 at 00.49.07.png

 

want to know is there a change in AEM 6.5 related to this, what is the suggested fix?

@Jörg_Hoh @kautuk_sahni 

Accepted Solutions (1)

Accepted Solutions (1)

Jörg_Hoh

Employee

09-04-2020

The encapsulated token is a security feature, which allows to validate the token created on a single (publish) AEM instance also on other instances. The Gigya client seems to rely on some implementation details of the token. Is there an update available for the client, which works together with encapsulated tokens?

 

Jörg

Answers (0)