Highlighted

External Redirect to AEM is returning 403

Avatar

Avatar

Sachindey11

Avatar

Sachindey11

Sachindey11

17-07-2020

I am getting redirected from an payment gateway page to AEM page. However i am getting 403 error when i redirect.

Tried to redirect to we-retail page as well but the same issue persists.

Replies

Highlighted

Avatar

Avatar

Arun_Patidar

MVP

Total Posts

2.9K

Likes

1.0K

Correct Answer

831

Avatar

Arun_Patidar

MVP

Total Posts

2.9K

Likes

1.0K

Correct Answer

831
Arun_Patidar
MVP

17-07-2020

Hi,

Is this a post request or a get request?

Highlighted

Avatar

Avatar

Sachindey11

Avatar

Sachindey11

Sachindey11

17-07-2020

Its a post request. Payment Gateways frame is injected into AEM page and then we redirect to bank page and back to AEM page.
Highlighted

Avatar

Avatar

ArpitVarshney

MVP

Avatar

ArpitVarshney

MVP

ArpitVarshney
MVP

17-07-2020

Hi @Sachindey11 

If you are working on your local machine and have created a sling servlet to make post request to local AEM Server , you may be getting 403 Error Code : Forbidden
This issue is due to CSRF Filter blocking POST Requests.

You can unblock this via OSGi Configuration. You shouldn't be doing it on production instances.

  1. Go to http://localhost:4502/system/console/configMgr
  2. Find Adobe Granite CSRF Filter 
  3. Remove POST from Filter Methods
  4. Save and Test the servlet again.



Highlighted

Avatar

Avatar

Sachindey11

Avatar

Sachindey11

Sachindey11

17-07-2020

Thanks Arpit. I have already done that but still i get the below error...Status 500 Message java.lang.IllegalArgumentException: Value for key response-signature-base64 can't be put into node:
Highlighted

Avatar

Avatar

Arun_Patidar

MVP

Total Posts

2.9K

Likes

1.0K

Correct Answer

831

Avatar

Arun_Patidar

MVP

Total Posts

2.9K

Likes

1.0K

Correct Answer

831
Arun_Patidar
MVP

17-07-2020

Can you check the logs then, Post request may be blocked because of Apache Sling Referrer Filter, check this https://aem6solutions.wordpress.com/2015/06/19/apache-sling-referrer-filter/ article and configure source host in allow host section to allow post request from another host/domain. You may see CORS issue if injecting using Ajax but that is another topic.
Highlighted

Avatar

Avatar

Sachindey11

Avatar

Sachindey11

Sachindey11

17-07-2020

I have already done all the settings at felix console level, however those did not help.

Avatar

Avatar

Sachindey11

Avatar

Sachindey11

Sachindey11

17-07-2020

I have already done all the settings at felix console level, however those did not help. But i was able to resolve the issue by using the ".external" selector and then passing the selector in the url. There is an out of the box external.post.jsp which handles anything with .external selector. Thanks community guys for responding quickly.
Highlighted

Avatar

Avatar

asutoshj7327906

Avatar

asutoshj7327906

asutoshj7327906

17-07-2020

@Sachindey11 Are you trying to post something while redirecting or it's just a 301/302 redirect to a static page in AEM?