Solved: Error while using Servlet-api-3.0 jar - Adobe Experience League Community

View profile · 02-11-2015

Hi,

When I use Servlet-api-3.0.jar in cq5 version 5.6.1 I'm getting the below error. Please help me to resolve it.

Error:

30.10.2015 14:46:43.212 *ERROR* [0:0:0:0:0:0:0:1 [1446196603208] POST /system/console/bundles/325 HTTP/1.1] cqse-httpservice %bundles.pluginTitle: Cannot start (org.osgi.framework.BundleException: Unresolved constraint in bundle com.ceb.webcq-bundle [325]: Unable to resolve 325.24: missing requirement [325.24] osgi.wiring.package; (&(osgi.wiring.package=javax.servlet)(version>=3.0.0)(!(version>=4.0.0)))) org.osgi.framework.BundleException: Unresolved constraint in bundle com.ceb.webcq-bundle [325]: Unable to resolve 325.24: missing requirement [325.24] osgi.wiring.package; (&(osgi.wiring.package=javax.servlet)(version>=3.0.0)(!(version>=4.0.0)))
   at org.apache.felix.framework.Felix.resolveBundleRevision(Felix.java:3962)
   at org.apache.felix.framework.Felix.startBundle(Felix.java:2025)
   at org.apache.felix.framework.BundleImpl.start(BundleImpl.java:955)
   at org.apache.felix.framework.BundleImpl.start(BundleImpl.java:942)
   at org.apache.felix.webconsole.internal.core.BundlesServlet.doPost(BundlesServlet.java:364)

Regards,

Satheeshraj V

View profile · 05-11-2015

Hi

Please find below the reference article to create httponly cookies on 2.5:

Link:- http://stackoverflow.com/questions/13147113/setting-an-httponly-cookie-with-javax-servlet-2-5

//

You are right, manually setting header is the right way to achive your goal.

You can also use javax.ws.rs.core.NewCookie or any other class with useful toString method to print cookie to a header to make things more simple.

public static String getHttpOnlyCookieHeader(Cookie cookie) {NewCookie newCookie = new NewCookie(cookie.getName(), cookie.getValue(),cookie.getPath(), cookie.getDomain(), cookie.getVersion(),cookie.getComment(), cookie.getMaxAge(), cookie.getSecure());return newCookie + "; HttpOnly";}

And the usage:

response.setHeader("SET-COOKIE", getHttpOnlyCookieHeader(myOriginalCookie));

OR

public void addCookie(String cookieName, String cookieValue, Integer maxAge, HttpServletResponse response) {Cookie cookie = new Cookie(cookieName, cookieValue);cookie.setPath("; HttpOnly;");cookie.setSecure(isSecureCookie);cookie.setMaxAge(maxAge);response.addCookie(cookie);}

I hope this would act as some help to you.

Thanks and Regards

Kautuk Sahni

View profile · 03-11-2015

Take a look at https://www.owasp.org/index.php/HttpOnly#Using_Java_to_Set_HttpOnly.

It talks about a workaround which you can use in old jar

View profile · 03-11-2015

I need servlet-api-3.0.jar to use setHttpOnly() method available cookie object.

View profile · 02-11-2015

I guess, you might not be able to because 3.0 may not be compatible with AEM 5.6.1. I'll check this

Any specific reason for upgrade ?

View profile · 02-11-2015

Servlep-api-2.5.jar is working properly for me. But i need to upgrade it from 2.5 to 3.0. So when I replace the Servlep-api-2.5.jar to Servlep-api-3.0.jar I'm getting the error.

View profile · 02-11-2015

For 5.6 - try using the Servlet JAR specified in this article - it works fine:

https://helpx.adobe.com/experience-manager/using/custom-sling-servlets.html

Error while using Servlet-api-3.0 jar

Accepted Solutions (1)

Accepted Solutions (1)

Answers (5)

Answers (5)