Expand my Community achievements bar.

Join us in celebrating the outstanding achievement of our AEM Community Member of the Year!
SOLVED

Filter not work for /crx/de/index.jsp

Avatar

Former Community Member

Hi,

I have written a filter to check whether user is login, if not, redirect it to the login page. I am referring to this filter code mentioned in this article http://aemfaq.blogspot.sg/2013/05/blocking-anonymous-access-to-crx-in-non.html

But when I tested it, the filter seems not work for the URL: http://localhost:4502/crx/de/index.jsp

I checked the log, the filter seems not go into the doFilter method. Here is my filter code:

import javax.servlet.*; import java.io.IOException; import java.util.Map; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.Cookie; import javax.servlet.RequestDispatcher; import org.apache.felix.scr.annotations.Activate; import org.apache.felix.scr.annotations.Component; import org.apache.felix.scr.annotations.sling.SlingFilter; import org.apache.felix.scr.annotations.sling.SlingFilterScope; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @SlingFilter(generateComponent = false, generateService = true, order = -50001, scope = SlingFilterScope.REQUEST) @Component(immediate = true, metatype = false) public class CrxLoginFilter implements Filter { protected static final Logger log = LoggerFactory.getLogger(CrxLoginFilter.class); public void init(FilterConfig config) throws ServletException { log.info("Init with config [" + config + "]"); } @Activate protected void activate(final Map<String, Object> props) { log.info("***** activate *****"); } public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException { log.info("inside doFilter "); if ( req instanceof HttpServletRequest && res instanceof HttpServletResponse ) { final HttpServletRequest request = (HttpServletRequest)req; final HttpServletResponse response = (HttpServletResponse)res; String pathInfo = request.getPathInfo() ; boolean crxdeAuthenticated = false; boolean crxAuthenticated = false; log.info("============ pathInfo " + pathInfo); if(pathInfo != null){ Cookie[] cookies = request.getCookies(); if(cookies!=null){ for (int i = 0; i < cookies.length; i++) { String name = cookies[i].getName(); String value = cookies[i].getValue(); if(name!=null && name.equals("login-workspace") && value!=null){ crxAuthenticated = true; } if(name!=null && name.equals("login-token") && value!=null){ crxdeAuthenticated = true; } } } log.info("============== ?? pathInfo " + pathInfo + ", crxAuthenticated " + crxAuthenticated); if(pathInfo.startsWith("/crx/explorer/crx_main_files/admin.css")){ //Do nothing log.info("======================== 1 ======================"); }else if ( !pathInfo.startsWith("/crx/explorer/login.jsp") && pathInfo.startsWith("/crx/explorer") &&  !crxAuthenticated ){ response.sendRedirect("/crx/explorer/login.jsp"); log.info("======================== 2 ======================"); return; }else if( ( pathInfo.startsWith("/crxde") || pathInfo.startsWith("/crx/de") ) &&  !crxdeAuthenticated ){ RequestDispatcher rd = request.getRequestDispatcher("/libs/granite/core/content/login.html"); log.info("======================== 3 ======================"); rd.forward(request, response); return; } } } chain.doFilter(req, res); } public void destroy() { log.info("Destroyed filter"); } }

Please help to advice what is wrong with the filter. I am using the AEM 6.1 SP1.

Thanks in advance!

1 Accepted Solution

Avatar

Correct answer by
Employee Advisor

Hi Opkar,

to be exact: CRXDE is directly registered as servlet to the HTTP service, and it isn't a sling application. So a Sling filter isn't executed when you go to CRXDE (same as with the OSGI console). You need to register the filter directly as HTTP servlet filter.

Jörg

View solution in original post

5 Replies

Avatar

Employee

Does it work if you use another path? For example under "/content"? For example working code look at the ACS Samples code: http://adobe-consulting-services.github.io/acs-aem-samples/

Regards,

Opkar

Avatar

Former Community Member

Hi Opkar,

The filter does work for the other path like /content/. It seems not do the filter for /crx/de

Avatar

Employee

This may be due the fact that crxde is not actually content in the repository, rather it is run from a content bundle, please see this answer from stack overflow:http://stackoverflow.com/questions/23718050/where-is-the-node-for-crx-explorer-stored-in-cq5-resposi...

Regards,

Opkar

Avatar

Correct answer by
Employee Advisor

Hi Opkar,

to be exact: CRXDE is directly registered as servlet to the HTTP service, and it isn't a sling application. So a Sling filter isn't executed when you go to CRXDE (same as with the OSGI console). You need to register the filter directly as HTTP servlet filter.

Jörg

Avatar

Employee

Thanks for the clarification Joerg :)