Expand my Community achievements bar.

Learn about Edge Delivery Services in upcoming GEM session
Register!
SOLVED

How to enable access to "/bin/querybuilder.json" to any user ?

Avatar

Level 7
Level 7
4/19/23 7:52:23 AM
 

Views

347

Replies

2
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Community Advisor
Community Advisor
4/19/23 12:05:40 PM

Hi @akshaybhujbale Sling Engine will take care of permissions if you register servlet using Resource Type.

Users who cannot access a particular resource will not be able to invoke the servlet.

Path-bound servlets cannot be access controlled using the default JCR repository ACLs.

Reference - https://sling.apache.org/documentation/the-sling-engine/servlets.html#example-registration-by-resour...

 

@Component(service = Servlet.class)
@SlingServletResourceTypes(
        resourceTypes = "services/testServlet",
        methods = { HttpConstants.METHOD_GET }
)
@ServiceDescription("Test Servlet")
public class TestServlet extends SlingAllMethodsServlet {
     @Override
    protected void doGet(final SlingHttpServletRequest request, final 
SlingHttpServletResponse response)
            throws ServletException, IOException {
      // business-logic over here
}
}

Hope this helps!

Thanks

View solution in original post

Views

323

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
2 Replies

Avatar

Level 6
Level 6
4/19/23 9:54:57 AM

@akshaybhujbale

I think /bin/querybuilder.json makes a request to servlet which is registered with a path /bin/querybuilder and an extenstion json. Servlets registered with path can not be access controlled so I think we can not provide its access to any user.

Views

338

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Correct answer by
Community Advisor
Community Advisor
4/19/23 12:05:40 PM

Hi @akshaybhujbale Sling Engine will take care of permissions if you register servlet using Resource Type.

Users who cannot access a particular resource will not be able to invoke the servlet.

Path-bound servlets cannot be access controlled using the default JCR repository ACLs.

Reference - https://sling.apache.org/documentation/the-sling-engine/servlets.html#example-registration-by-resour...

 

@Component(service = Servlet.class)
@SlingServletResourceTypes(
        resourceTypes = "services/testServlet",
        methods = { HttpConstants.METHOD_GET }
)
@ServiceDescription("Test Servlet")
public class TestServlet extends SlingAllMethodsServlet {
     @Override
    protected void doGet(final SlingHttpServletRequest request, final 
SlingHttpServletResponse response)
            throws ServletException, IOException {
      // business-logic over here
}
}

Hope this helps!

Thanks

Views

324

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply