Expand my Community achievements bar.

SOLVED

Resource at '/' not found: No resource found

Avatar

Level 5

Dear Members,

 

I tried adding custom values to below AEM config under /apps/*/config

org.apache.sling.engine.impl.auth.SlingAuthenticator

org.apache.sling.servlets.resolver.SlingServletResolver

And whenever I restart my instance, I get Resource at '/' not found: No resource found  and also when I logout from home screen, same error.

 

Also, when I go to http://localhost:4502/crx/de/index.jsp# and login from CRX, I am back in session.

 

Any help appreciated.

Thanks

1 Accepted Solution

Avatar

Correct answer by
Employee Advisor

If you get that message it seems that you broke/misconfigured the authentication system.

View solution in original post

8 Replies

Avatar

Community Advisor

Hi @Love_Sharma,

Please provide the details of properties that are modified as part of the mentioned configs. (Sling Authenticator and Sling Servlet resolver) and reason for the same/functionality you are trying to achieve.

Avatar

Level 5

@Vijayalakshmi_S OOTB properties were not touched and I added my own custom property as shown below. When I tried putting these new values in code base under /config, I encountered the error. I tried putting just the new values adding -domain to the config's PID & using OOTB PID as is mentioning existing and custom values but the time I restart my AEM, I face the issue.

 

Screen Shot 2021-01-19 at 9.32.44 AM.pngScreen Shot 2021-01-19 at 9.35.35 AM.png

Avatar

Community Advisor

The two configs shared are not factory configs. Hence we need not add any identifier say "-domain" to the PID while creating OSGI config via code - Remove the same and try.

Alternatively, to assure the issue is not with values you mentioned for the properties, in another fresh instance add these values directly in Felix console instead of code/config node -> check if it works fine.

Avatar

Employee Advisor

Hi,

 

please don't change these settings like this. The configuration in the servlet resolver allows anyone (with write access) to place JSPs within /content/ and get them executed. That's definitely a security concern.

The config change for authorization has less side effects regarding security, but I would definitely question its usefulness. I think that you are having an authoring instace here.

Avatar

Level 5
@Vijayalakshmi_S Initially haven't added -domain but when it didn't worked added -domain for testing purpose. And I tried adding directly to Felix, that broke the instance too. Wondering if it's a good idea to edit these configs as mentioned by Jörg_Hoh

Avatar

Level 5

Jörg_Hoh What I understood from your security concern, we should not edit these configuration with custom values and think of other way to do it ? Please correct me if I get this wrong. Also, if you could educate more on this topic it will be helpful

Avatar

Employee Advisor
@Love_Sharma I would not add a path below /content into the execution paths of the Sling Servlet Resolver configuration. Because Sling is looking there for scripts/servlets resolving resourcetype. An attack vector could be, that an author creates a component node structure below /content (where the author has write permission), and creates a page referencing that component. With this approach it's possible for the author to execute custom code and on the server.

Avatar

Correct answer by
Employee Advisor

If you get that message it seems that you broke/misconfigured the authentication system.