Adobe Experience Manager Sites & More

satheeshraj · 12:38:37 AM

Hi,

When I use Servlet-api-3.0.jar in cq5 version 5.6.1 I'm getting the below error. Please help me to resolve it.

Error:

30.10.2015 14:46:43.212 *ERROR* [0:0:0:0:0:0:0:1 [1446196603208] POST /system/console/bundles/325 HTTP/1.1] cqse-httpservice %bundles.pluginTitle: Cannot start (org.osgi.framework.BundleException: Unresolved constraint in bundle com.ceb.webcq-bundle [325]: Unable to resolve 325.24: missing requirement [325.24] osgi.wiring.package; (&(osgi.wiring.package=javax.servlet)(version>=3.0.0)(!(version>=4.0.0)))) org.osgi.framework.BundleException: Unresolved constraint in bundle com.ceb.webcq-bundle [325]: Unable to resolve 325.24: missing requirement [325.24] osgi.wiring.package; (&(osgi.wiring.package=javax.servlet)(version>=3.0.0)(!(version>=4.0.0)))
   at org.apache.felix.framework.Felix.resolveBundleRevision(Felix.java:3962)
   at org.apache.felix.framework.Felix.startBundle(Felix.java:2025)
   at org.apache.felix.framework.BundleImpl.start(BundleImpl.java:955)
   at org.apache.felix.framework.BundleImpl.start(BundleImpl.java:942)
   at org.apache.felix.webconsole.internal.core.BundlesServlet.doPost(BundlesServlet.java:364)

Regards,

Satheeshraj V

kautuk_sahni · 1:55:11 AM

Hi

Please find below the reference article to create httponly cookies on 2.5:

Link:- http://stackoverflow.com/questions/13147113/setting-an-httponly-cookie-with-javax-servlet-2-5

//

You are right, manually setting header is the right way to achive your goal.

You can also use javax.ws.rs.core.NewCookie or any other class with useful toString method to print cookie to a header to make things more simple.

public static String getHttpOnlyCookieHeader(Cookie cookie) {NewCookie newCookie = new NewCookie(cookie.getName(), cookie.getValue(),cookie.getPath(), cookie.getDomain(), cookie.getVersion(),cookie.getComment(), cookie.getMaxAge(), cookie.getSecure());return newCookie + "; HttpOnly";}

And the usage:

response.setHeader("SET-COOKIE", getHttpOnlyCookieHeader(myOriginalCookie));

OR

public void addCookie(String cookieName, String cookieValue, Integer maxAge, HttpServletResponse response) {Cookie cookie = new Cookie(cookieName, cookieValue);cookie.setPath("; HttpOnly;");cookie.setSecure(isSecureCookie);cookie.setMaxAge(maxAge);response.addCookie(cookie);}

I hope this would act as some help to you.

Thanks and Regards

Kautuk Sahni

元の投稿で解決策を見る

smacdonald2008 · 12:42:29 AM

For 5.6 - try using the Servlet JAR specified in this article - it works fine:

https://helpx.adobe.com/experience-manager/using/custom-sling-servlets.html

satheeshraj · 1:33:53 AM

Servlep-api-2.5.jar is working properly for me. But i need to upgrade it from 2.5 to 3.0. So when I replace the Servlep-api-2.5.jar to Servlep-api-3.0.jar I'm getting the error.

edubey · 2:53:33 AM

I guess, you might not be able to because 3.0 may not be compatible with AEM 5.6.1. I'll check this

Any specific reason for upgrade ?

satheeshraj · 6:02:00 AM

I need servlet-api-3.0.jar to use setHttpOnly() method available cookie object.

edubey · 8:21:08 AM

Take a look at https://www.owasp.org/index.php/HttpOnly#Using_Java_to_Set_HttpOnly.

It talks about a workaround which you can use in old jar

kautuk_sahni · 1:55:11 AM

Hi

Please find below the reference article to create httponly cookies on 2.5:

Link:- http://stackoverflow.com/questions/13147113/setting-an-httponly-cookie-with-javax-servlet-2-5

//

You are right, manually setting header is the right way to achive your goal.

You can also use javax.ws.rs.core.NewCookie or any other class with useful toString method to print cookie to a header to make things more simple.

public static String getHttpOnlyCookieHeader(Cookie cookie) {NewCookie newCookie = new NewCookie(cookie.getName(), cookie.getValue(),cookie.getPath(), cookie.getDomain(), cookie.getVersion(),cookie.getComment(), cookie.getMaxAge(), cookie.getSecure());return newCookie + "; HttpOnly";}

And the usage:

response.setHeader("SET-COOKIE", getHttpOnlyCookieHeader(myOriginalCookie));

OR

public void addCookie(String cookieName, String cookieValue, Integer maxAge, HttpServletResponse response) {Cookie cookie = new Cookie(cookieName, cookieValue);cookie.setPath("; HttpOnly;");cookie.setSecure(isSecureCookie);cookie.setMaxAge(maxAge);response.addCookie(cookie);}