Expand my Community achievements bar.

Dive into Adobe Summit 2024! Explore curated list of AEM sessions & labs, register, connect with experts, ask questions, engage, and share insights. Don't miss the excitement.

External Redirect to AEM is returning 403

Avatar

Level 2

I am getting redirected from an payment gateway page to AEM page. However i am getting 403 error when i redirect.

Tried to redirect to we-retail page as well but the same issue persists.

8 Replies

Avatar

Community Advisor

Hi,

Is this a post request or a get request?



Arun Patidar

Avatar

Level 2
Its a post request. Payment Gateways frame is injected into AEM page and then we redirect to bank page and back to AEM page.

Avatar

Community Advisor
Can you check the logs then, Post request may be blocked because of Apache Sling Referrer Filter, check this https://aem6solutions.wordpress.com/2015/06/19/apache-sling-referrer-filter/ article and configure source host in allow host section to allow post request from another host/domain. You may see CORS issue if injecting using Ajax but that is another topic.


Arun Patidar

Avatar

Level 2
I have already done all the settings at felix console level, however those did not help.

Avatar

Level 2
I have already done all the settings at felix console level, however those did not help. But i was able to resolve the issue by using the ".external" selector and then passing the selector in the url. There is an out of the box external.post.jsp which handles anything with .external selector. Thanks community guys for responding quickly.

Avatar

Community Advisor

Hi @Sachindey11 

If you are working on your local machine and have created a sling servlet to make post request to local AEM Server , you may be getting 403 Error Code : Forbidden
This issue is due to CSRF Filter blocking POST Requests.

You can unblock this via OSGi Configuration. You shouldn't be doing it on production instances.

  1. Go to http://localhost:4502/system/console/configMgr
  2. Find Adobe Granite CSRF Filter 
  3. Remove POST from Filter Methods
  4. Save and Test the servlet again.



Avatar

Level 2
Thanks Arpit. I have already done that but still i get the below error...Status 500 Message java.lang.IllegalArgumentException: Value for key response-signature-base64 can't be put into node:

Avatar

Community Advisor

@Sachindey11 Are you trying to post something while redirecting or it's just a 301/302 redirect to a static page in AEM?