Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
Bedrock Mission!

Learn more

View all

Sign in to view all badges

SOLVED

Resource at '/' not found: No resource found

Love_Sharma
Level 4
Level 4

Dear Members,

 

I tried adding custom values to below AEM config under /apps/*/config

org.apache.sling.engine.impl.auth.SlingAuthenticator

org.apache.sling.servlets.resolver.SlingServletResolver

And whenever I restart my instance, I get Resource at '/' not found: No resource found  and also when I logout from home screen, same error.

 

Also, when I go to http://localhost:4502/crx/de/index.jsp# and login from CRX, I am back in session.

 

Any help appreciated.

Thanks

1 Accepted Solution
Jörg_Hoh
Correct answer by
Employee
Employee

If you get that message it seems that you broke/misconfigured the authentication system.

View solution in original post

6 Replies
Vijayalakshmi_S
Community Advisor
Community Advisor

Hi @Love_Sharma,

Please provide the details of properties that are modified as part of the mentioned configs. (Sling Authenticator and Sling Servlet resolver) and reason for the same/functionality you are trying to achieve.

Love_Sharma
Level 4
Level 4

@Vijayalakshmi_S OOTB properties were not touched and I added my own custom property as shown below. When I tried putting these new values in code base under /config, I encountered the error. I tried putting just the new values adding -domain to the config's PID & using OOTB PID as is mentioning existing and custom values but the time I restart my AEM, I face the issue.

 

Screen Shot 2021-01-19 at 9.32.44 AM.pngScreen Shot 2021-01-19 at 9.35.35 AM.png

Vijayalakshmi_S
Community Advisor
Community Advisor

The two configs shared are not factory configs. Hence we need not add any identifier say "-domain" to the PID while creating OSGI config via code - Remove the same and try.

Alternatively, to assure the issue is not with values you mentioned for the properties, in another fresh instance add these values directly in Felix console instead of code/config node -> check if it works fine.

Jörg_Hoh
Employee
Employee

Hi,

 

please don't change these settings like this. The configuration in the servlet resolver allows anyone (with write access) to place JSPs within /content/ and get them executed. That's definitely a security concern.

The config change for authorization has less side effects regarding security, but I would definitely question its usefulness. I think that you are having an authoring instace here.

Love_Sharma
Level 4
Level 4
@Vijayalakshmi_S Initially haven't added -domain but when it didn't worked added -domain for testing purpose. And I tried adding directly to Felix, that broke the instance too. Wondering if it's a good idea to edit these configs as mentioned by Jörg_Hoh
Love_Sharma
Level 4
Level 4

Jörg_Hoh What I understood from your security concern, we should not edit these configuration with custom values and think of other way to do it ? Please correct me if I get this wrong. Also, if you could educate more on this topic it will be helpful

Jörg_Hoh
Employee
Employee
@Love_Sharma I would not add a path below /content into the execution paths of the Sling Servlet Resolver configuration. Because Sling is looking there for scripts/servlets resolving resourcetype. An attack vector could be, that an author creates a component node structure below /content (where the author has write permission), and creates a page referencing that component. With this approach it's possible for the author to execute custom code and on the server.
Jörg_Hoh
Correct answer by
Employee
Employee

If you get that message it seems that you broke/misconfigured the authentication system.

View solution in original post