Expand my Community achievements bar.

SOLVED

Publish Servlet 404

Avatar

Level 2

Dear all,

I've created a bundle that have some servlets, and after I deployed them to author instance, the servlets could be accessed and invoked.

While after I replicated the bundle to publish instance, the invoking of servlets return 404.

The server version is 6.2, and I found below message in the error.log.

26.10.2016 17:03:24.006 *INFO* [10.65.32.106 [1477472604004] POST /content/my-testing/en/my-aia/myaia-login.login.json HTTP/1.1] com.adobe.granite.csrf.impl.CSRFFilter isValidRequest: empty CSRF token - rejecting
26.10.2016 17:03:24.007 *INFO* [10.65.32.106 [1477472604004] POST /content/my-testing/en/my-aia/myaia-login.login.json HTTP/1.1] com.adobe.granite.csrf.impl.CSRFFilter doFilter: the provided CSRF token is invalid

Could you please advise?

I have attached some screen shots for you to refer.

Cheers

Best Regards,

1 Accepted Solution

Avatar

Correct answer by
Administrator

Hi 

For 404, please check if bundles are replicated properly in publishers?

 

Reference CSRF POSTS:- 

Link:- http://help-forums.adobe.com/content/adobeforums/en/experience-manager-forum/adobe-experience-manage...

// 

With 6.1, AEM added CSRF (Cross-Site Request Forgery) protection and you need to ensure that the CSRF token is included.

This should be handled automatically if you are using AEM's version of jQuery. This library has the code to get the token and add it to all XHR and forms.

If you absolutely need to use a different version of jQuery (why?) and/or don't use jQuery at all, then you can include the 'granite.csrf.standalone' client library and it will do the same hooks.

 

Link:- http://help-forums.adobe.com/content/adobeforums/en/experience-manager-forum/adobe-experience-manage...

//

For ideal solution, you should include the following javascript on your page - /etc/clientlibs/granite/jquery/granite/csrf/source/csrf.js. You can include it by doing a standard client library include call in your JSP. 

<cq:includeClientLib js="granite.csrf.standalone"/>

 

~kautuk



Kautuk Sahni

View solution in original post

5 Replies

Avatar

Level 10

This looks like a CSRF error - how did you invoke this servlet? 

Avatar

Level 2

We just postto the servlet by invoking a button click method.

Avatar

Correct answer by
Administrator

Hi 

For 404, please check if bundles are replicated properly in publishers?

 

Reference CSRF POSTS:- 

Link:- http://help-forums.adobe.com/content/adobeforums/en/experience-manager-forum/adobe-experience-manage...

// 

With 6.1, AEM added CSRF (Cross-Site Request Forgery) protection and you need to ensure that the CSRF token is included.

This should be handled automatically if you are using AEM's version of jQuery. This library has the code to get the token and add it to all XHR and forms.

If you absolutely need to use a different version of jQuery (why?) and/or don't use jQuery at all, then you can include the 'granite.csrf.standalone' client library and it will do the same hooks.

 

Link:- http://help-forums.adobe.com/content/adobeforums/en/experience-manager-forum/adobe-experience-manage...

//

For ideal solution, you should include the following javascript on your page - /etc/clientlibs/granite/jquery/granite/csrf/source/csrf.js. You can include it by doing a standard client library include call in your JSP. 

<cq:includeClientLib js="granite.csrf.standalone"/>

 

~kautuk



Kautuk Sahni

Avatar

Level 2

Thanks for your help, I checked that we did not use AEM's version of jQuery, so after I included "cq.jquery" in our template, the CSRF error disappeared.

So from your advise, it would be better to use AEM's version of jQuery rather than others, isn't it?

 

Cheers,

Avatar

Administrator

Yes.

~kautuk



Kautuk Sahni