コミュニティアチーブメントバーを展開する。

Submissions are now open for the 2026 Adobe Experience Maker Awards.
Apply Now

Mark Solution

この会話は、活動がないためロックされています。新しい投稿を作成してください。

解決済み

Change user session for Anonymous URLs

Avatar

Level 2
Level 2
2020/07/14 9:30:07 PM

Hi Experts,

 

Is it not possible to intercept a URL ( that is whitelisted for anonymous usage through "Apache Sling Authentication Service" configuration ) in AEM's Sling Filter and change it's User session ?

 

I'm trying to implement it with HttpServletRequestWrapper by adding a valid basic authorization token to request header. But, as I do requestWrapper.getUserPrincipal().getName().toString(), is still returning "anonymous" user. Any idea?

トピック

トピックはコミュニティのコンテンツの分類に役立ち、関連コンテンツを発見する可能性を広げます。

Experience Manager

表示

1.2K

返信

3
ログインしてこのコンテンツに「いいね!」する

いいね!の合計

翻訳
翻訳
1 受け入れられたソリューション

Avatar

正解者
Employee Advisor
Employee Advisor
2020/07/15 4:48:12 AM

Hi,

Is my understanding correct that based on certain criteria you want to switch an anonymous session into an authenticated session of a different user?

Technically it should be possible (wrap the HttpRequest and inject a different session), but that's a lot of of work to make it right in all circumstances.

 

What do you want to achieve with that? I am quite sure that there might be a simpler way to solve your requirement.

 

Jörg

元の投稿で解決策を見る

表示

1.2K

返信

2
ログインしてこのコンテンツに「いいね!」する

いいね!の合計

翻訳
翻訳
返信にジャンプ
3 返信

Avatar

正解者
Employee Advisor
Employee Advisor
2020/07/15 4:48:12 AM

Hi,

Is my understanding correct that based on certain criteria you want to switch an anonymous session into an authenticated session of a different user?

Technically it should be possible (wrap the HttpRequest and inject a different session), but that's a lot of of work to make it right in all circumstances.

 

What do you want to achieve with that? I am quite sure that there might be a simpler way to solve your requirement.

 

Jörg

表示

1.2K

返信

2
ログインしてこのコンテンツに「いいね!」する

いいね!の合計

翻訳
翻訳
返信にジャンプ

Avatar

Level 2
Level 2
2020/07/23 10:15:29 AM
Jörg_Hohに対する応答
Hi Jörg, yes, you are right. I want an external system to access /bin/querybuilder.json, but since it is an authenticated service, I've taken an approach to creating an anonymous servlet that acts like a controller that collects request, check the header for token, authorize against an external OAuth server and if successful, want to create a system user session and pass it to the Querybuilder API using sling's org.apache.sling.engine.SlingRequestProcessor. Please suggest any better approach.

表示

1.1K

返信

0
ログインしてこのコンテンツに「いいね!」する

いいね!の合計

翻訳
翻訳

Avatar

Employee Advisor
Employee Advisor
2020/07/27 12:28:29 PM
Jörg_Hohに対する応答
Hm, that sounds quite problematic, because you need to proxy a request. If you are familiar with the QueryBuilder java API, you could write your own servlet, which checks against the external system and then uses the QueryBuilder API directly. You don't start a new HTTP request, but instead approach the API directly. And then you can also pass a different JCR session than the session the user is using; for example you can use a JCR system user.

表示

1.1K

返信

0
ログインしてこのコンテンツに「いいね!」する

いいね!の合計

翻訳
翻訳
関連する会話
Arbitrary IDs for Core Teaser CTAs for Analytics Solved

表示

176

いいね!

0

返信

2
How to add metadata to videos for AEM Solved

表示

525

いいね!

0

返信

3
sonar exclusion for acs commons Solved

表示

1.4K

いいね!

0

返信

4
Edge Delivery Encoded URLs Solved

表示

331

いいね!

0

返信

1
Issue with Special Characters (|) in URLs within Open HTML Component Solved

表示

671

いいね!

0

返信

1