Hey guys,
I have written an AbstractServlet implementation to handle a variety of different servlet calls (doPost method below). I intend for this servlet to return an error message -- specifically the failureMessage property -- when a 500 is thrown, but instead I am getting the default 500 page (image attached) as the response... On my local dispatcher instance, I was able to bypass this page by setting the status to 499, but said approach is not working in the hosted staging environment (maybe something to do w/ local vs. cloud service setup). Does anybody have any experience writing a similar implementation / dealing with a similar issue? Thanks for any and all insight
Code:
    protected void doPost(@NotNull SlingHttpServletRequest request, @NotNull SlingHttpServletResponse response) throws IOException {
        response.setContentType("application/json");
        T requestData = getRequestData(request);
        // Reject missing or invalid input with 417 and a JSON error body
        if (requestData == null || !isValidRequest(requestData)) {
            response.setStatus(HttpServletResponse.SC_EXPECTATION_FAILED);
            response.getWriter().write(new ObjectMapper().writeValueAsString(new ServletError("Expected parameter is missing")));
            return;
        }
        boolean result = performAction(requestData);
        if (result) {
            response.getWriter().write(new ObjectMapper().writeValueAsString(new ServletSuccess(getSuccessMessage())));
        } else {
            // 499 instead of 500: the workaround described above to avoid the default 500 page
            response.setStatus(499);
            response.getWriter().write(new ObjectMapper().writeValueAsString(new ServletSuccess(getFailureMessage())));
        }
    }
Bumping for visibility. Still having trouble
Hi @user00928,
Your POST request is being filtered and restricted by the “Apache Sling Referrer Filter” and “Adobe Granite CSRF Filter”. By default, the Apache Sling Referrer Filter blocks any incoming POST requests, and the Adobe Granite CSRF Filter blocks any incoming POST requests without the CSRF-Token token in the header.
You can solve this by following the steps below.
Steps:
Configure Apache Sling Referrer Filter:
In the OSGi configurations (http://localhost:4502/system/console/configMgr), locate “Apache Sling Referrer Filter”. Enable the allow empty property, and remove the POST method from the filters property.
Configure Adobe Granite CSRF Filter:
In the OSGi configurations (http://localhost:4502/system/console/configMgr), locate “Adobe Granite CSRF Filter”. Remove the POST method from the filters property.
Note: After making these changes to the two OSGi configurations, you should be able to make a POST request from your HTTP REST client to your AEM instance.
For production, set the Apache Sling Referrer Filter and Adobe Granite CSRF Filter settings back to default, unless you are giving access to other servers to make POST requests to your AEM application.
Hope that helps!
Regards,
Santosh
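The answer above says the two filters should go back to their defaults for production; with the defaults in place, a client gets its POST through by sending the CSRF-Token header that the CSRF filter checks for. The following is an added example, not code from this thread: it assumes AEM's Granite token endpoint at /libs/granite/csrf/token.json and an authenticated session, takes the fetch function as a parameter, and uses a constructed stand-in (stubAem) so it runs offline.

```javascript
// Added example, not code from the thread. Assumptions: TOKEN_PATH is AEM's Granite
// CSRF token endpoint; the servlet path passed in by the caller is hypothetical.
const TOKEN_PATH = "/libs/granite/csrf/token.json";

async function fetchCsrfToken(fetchImpl, baseUrl) {
  const res = await fetchImpl(baseUrl + TOKEN_PATH, { credentials: "same-origin" });
  if (!res.ok) throw new Error("token request failed: " + res.status);
  const { token } = await res.json();
  if (!token) throw new Error("token endpoint returned no token");
  return token;
}

// POST JSON with the CSRF-Token header. A 403 on the first attempt is treated as a
// rejected token: fetch a fresh one and retry once. The JSON body is returned for
// error statuses too, so the caller can show the servlet's own message.
async function postWithCsrf(fetchImpl, baseUrl, path, payload) {
  let token = await fetchCsrfToken(fetchImpl, baseUrl);
  for (let attempt = 0; ; attempt++) {
    const res = await fetchImpl(baseUrl + path, {
      method: "POST",
      credentials: "same-origin",
      headers: { "Content-Type": "application/json", "CSRF-Token": token },
      body: JSON.stringify(payload),
    });
    if (res.status === 403 && attempt === 0) {
      token = await fetchCsrfToken(fetchImpl, baseUrl);
      continue;
    }
    const text = await res.text();
    let body;
    try { body = JSON.parse(text); } catch (e) { body = { raw: text }; }
    return { status: res.status, body };
  }
}

// Constructed stand-in for an AEM instance (no network): hands out the given tokens
// in order and answers 403 unless the POST carries validToken in CSRF-Token.
function stubAem(tokens, validToken, servletReply) {
  const calls = [];
  const reply = (status, obj) => ({ status, ok: status < 400,
    json: async () => obj, text: async () => JSON.stringify(obj) });
  const fetchImpl = async (url, opts = {}) => {
    calls.push((opts.method || "GET") + " " + url);
    if (url.endsWith(TOKEN_PATH)) return reply(200, { token: tokens.shift() });
    const sent = (opts.headers || {})["CSRF-Token"];
    return sent === validToken ? reply(servletReply.status, servletReply.body) : reply(403, {});
  };
  return { fetchImpl, calls };
}
```

In a browser, pass `window.fetch.bind(window)` as `fetchImpl` and an empty string as `baseUrl` for same-origin calls.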