Expand my Community achievements bar.

Dive into Adobe Summit 2024! Explore curated list of AEM sessions & labs, register, connect with experts, ask questions, engage, and share insights. Don't miss the excitement.
SOLVED

Error while using Servlet-api-3.0 jar

Avatar

Level 2

Hi,

When I use Servlet-api-3.0.jar in cq5 version 5.6.1 I'm getting the below error. Please help me to resolve it.

 

Error:

30.10.2015 14:46:43.212 *ERROR* [0:0:0:0:0:0:0:1 [1446196603208] POST /system/console/bundles/325 HTTP/1.1] cqse-httpservice %bundles.pluginTitle: Cannot start (org.osgi.framework.BundleException: Unresolved constraint in bundle com.ceb.webcq-bundle [325]: Unable to resolve 325.24: missing requirement [325.24] osgi.wiring.package; (&(osgi.wiring.package=javax.servlet)(version>=3.0.0)(!(version>=4.0.0)))) org.osgi.framework.BundleException: Unresolved constraint in bundle com.ceb.webcq-bundle [325]: Unable to resolve 325.24: missing requirement [325.24] osgi.wiring.package; (&(osgi.wiring.package=javax.servlet)(version>=3.0.0)(!(version>=4.0.0)))
    at org.apache.felix.framework.Felix.resolveBundleRevision(Felix.java:3962)
    at org.apache.felix.framework.Felix.startBundle(Felix.java:2025)
    at org.apache.felix.framework.BundleImpl.start(BundleImpl.java:955)
    at org.apache.felix.framework.BundleImpl.start(BundleImpl.java:942)
    at org.apache.felix.webconsole.internal.core.BundlesServlet.doPost(BundlesServlet.java:364)

 

 

Regards,

Satheeshraj V

1 Accepted Solution

Avatar

Correct answer by
Administrator

Hi 

Please find below the reference article to create httponly cookies on 2.5:

Link:- http://stackoverflow.com/questions/13147113/setting-an-httponly-cookie-with-javax-servlet-2-5

//

You are right, manually setting header is the right way to achive your goal.

You can also use javax.ws.rs.core.NewCookie or any other class with useful toString method to print cookie to a header to make things more simple.

public static String getHttpOnlyCookieHeader(Cookie cookie) {NewCookie newCookie = new NewCookie(cookie.getName(), cookie.getValue(),cookie.getPath(), cookie.getDomain(), cookie.getVersion(),cookie.getComment(), cookie.getMaxAge(), cookie.getSecure());return newCookie + "; HttpOnly";}

And the usage:

response.setHeader("SET-COOKIE", getHttpOnlyCookieHeader(myOriginalCookie));

 OR 

public void addCookie(String cookieName, String cookieValue, Integer maxAge, HttpServletResponse response) {Cookie cookie = new Cookie(cookieName, cookieValue);cookie.setPath("; HttpOnly;");cookie.setSecure(isSecureCookie);cookie.setMaxAge(maxAge);response.addCookie(cookie);}

 

I hope this would act as some help to you.

Thanks and Regards

Kautuk Sahni



Kautuk Sahni

View solution in original post

6 Replies

Avatar

Level 2

Servlep-api-2.5.jar is working properly for me. But i need to upgrade it from 2.5 to 3.0. So when I replace the Servlep-api-2.5.jar to Servlep-api-3.0.jar I'm getting the error.

Avatar

Level 10

I guess, you might not be able to because 3.0 may not be compatible with AEM 5.6.1. I'll check this

Any specific reason for upgrade ?

Avatar

Level 2

I need servlet-api-3.0.jar to use setHttpOnly() method available cookie object.

Avatar

Level 10

Take a look at https://www.owasp.org/index.php/HttpOnly#Using_Java_to_Set_HttpOnly

It talks about a workaround which you can use in old jar

Avatar

Correct answer by
Administrator

Hi 

Please find below the reference article to create httponly cookies on 2.5:

Link:- http://stackoverflow.com/questions/13147113/setting-an-httponly-cookie-with-javax-servlet-2-5

//

You are right, manually setting header is the right way to achive your goal.

You can also use javax.ws.rs.core.NewCookie or any other class with useful toString method to print cookie to a header to make things more simple.

public static String getHttpOnlyCookieHeader(Cookie cookie) {NewCookie newCookie = new NewCookie(cookie.getName(), cookie.getValue(),cookie.getPath(), cookie.getDomain(), cookie.getVersion(),cookie.getComment(), cookie.getMaxAge(), cookie.getSecure());return newCookie + "; HttpOnly";}

And the usage:

response.setHeader("SET-COOKIE", getHttpOnlyCookieHeader(myOriginalCookie));

 OR 

public void addCookie(String cookieName, String cookieValue, Integer maxAge, HttpServletResponse response) {Cookie cookie = new Cookie(cookieName, cookieValue);cookie.setPath("; HttpOnly;");cookie.setSecure(isSecureCookie);cookie.setMaxAge(maxAge);response.addCookie(cookie);}

 

I hope this would act as some help to you.

Thanks and Regards

Kautuk Sahni



Kautuk Sahni