Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
BedrockMission!

Learn More

View all

Sign in to view all badges

servlet and cors

Avatar

Avatar
Ignite 10
Level 4
TB3dock
Level 4

Likes

34 likes

Total Posts

203 posts

Correct Reply

4 solutions
Top badges earned
Ignite 10
Boost 25
Give Back 25
Validate 10
Validate 1
View profile

Avatar
Ignite 10
Level 4
TB3dock
Level 4

Likes

34 likes

Total Posts

203 posts

Correct Reply

4 solutions
Top badges earned
Ignite 10
Boost 25
Give Back 25
Validate 10
Validate 1
View profile
TB3dock
Level 4

05-05-2021

We have a serlvet which serves json to the front end which uses a fixed path, eg. /bin/myapi/somecall.

This works if you are calling it from the same host and port, but fails from anything else.  E.g. devs hitting a local author from react from 3000 instead of 4502

The "understanding cors" page hints that you can configure this with XML which starts with <jcr:root xmlns:sling=...

The question is, where in our source code should these XML files live, and what should they be called?

There is a section in the http://localhost:4502/system/console/configMgr for "com.adobe.granite.cors.impl.CORSPolicyImpl.d5e5ad16-601e-4215-8bad-15f4980b7722" but this is not editable for some devs (i.e. save doesn't save).

Can Cors be configured with json osgi configs?  If so, how does one know what number to put on the end for new ones?  Is there an example of this anywhere?

Accepted Solutions (1)

Accepted Solutions (1)

Avatar

Avatar
Boost 100
Employee
markus_bulla_adobe
Employee

Likes

104 likes

Total Posts

86 posts

Correct Reply

44 solutions
Top badges earned
Boost 100
Applaud 25
Affirm 25
Boost 50
Boost 25
View profile

Avatar
Boost 100
Employee
markus_bulla_adobe
Employee

Likes

104 likes

Total Posts

86 posts

Correct Reply

44 solutions
Top badges earned
Boost 100
Applaud 25
Affirm 25
Boost 50
Boost 25
View profile
markus_bulla_adobe
Employee

05-05-2021

Hi @TB3dock!

 

The required CORS configurations should be done as OSGI configurations on the "Adobe Granite Cross Origin Resource Sharing Policy" as pointed out in the documentation that you already mentioned. OSGI configurations are a common pattern in the AEM tech stack and you will find some additional explanations in some of your older threads on OSGI config topics. You should place an according OSGI config file (either XML or JSON format) in your code base, specifically into the ui.config module (if your project follows the AEM Maven archetype structure).

 

Please also refer to the following tutorial covering exactly your use case (as far as I understand your query):

Regarding your specific questions:

  • Where in our source code should these XML files live? ==> ui.config/src/main/content/jcr_root/apps/mysite/config/ - will be mapped to /apps/mysite/config/ inside the repository)
  • What should they be called? ==> com.adobe.granite.cors.impl.CORSPolicyImpl-myproject.cfg.json - reflecting the CORS policy services PID aka fully qulified class name. It needs to be appended with a custom identifier (in my example: "-myproject") because it is a factory configuration and it is possible to deploy multiple instances for this specific service. Instead of the JSON format you could also use the XML format references in the above mentioned documentation.
  • Can CORS be configured with json osgi configs? ==> As stated above: yes, you can use either the XML or the JSON format for OSGI configurations.
  • How does one know what number to put on the end for new ones? ==> As mentioned above: this is a unique identifier for this configuration. You can choose whatever you want, e. g. a string that reflects the configs purpose or your project (in my example: "-myproject"). The suffix is not limited to numbers. 

 

Hope that helps!

Answers (2)

Answers (2)

Avatar

Avatar
Boost 5
Level 5
Ritesh_M
Level 5

Likes

85 likes

Total Posts

67 posts

Correct Reply

23 solutions
Top badges earned
Boost 5
Boost 3
Boost 1
Applaud 5
Affirm 1
View profile

Avatar
Boost 5
Level 5
Ritesh_M
Level 5

Likes

85 likes

Total Posts

67 posts

Correct Reply

23 solutions
Top badges earned
Boost 5
Boost 3
Boost 1
Applaud 5
Affirm 1
View profile
Ritesh_M
Level 5

05-05-2021

 

@TB3dock ,

 

Just to confirm if you are really getting CORS error or Authentication error, since localhost:4502 is generally considered as author instance which requires authentication, so if you want to call any servlet which requires authentication then you need to set authorization header while calling the servlet/API.

 

Other then this question, resource type based servlets are more preferable than path based ones because of security, dispatcher allow config, etc

Avatar

Avatar
Give Back 100
Level 10
asutosh_jena
Level 10

Likes

551 likes

Total Posts

663 posts

Correct Reply

191 solutions
Top badges earned
Give Back 100
Boost 500
Affirm 100
Ignite 1
Establish
View profile

Avatar
Give Back 100
Level 10
asutosh_jena
Level 10

Likes

551 likes

Total Posts

663 posts

Correct Reply

191 solutions
Top badges earned
Give Back 100
Boost 500
Affirm 100
Ignite 1
Establish
View profile
asutosh_jena
Level 10

05-05-2021

Hi @TB3dock 

 

Here the exmaples are provided with XML. But if you want to use in AEM as Cloud, you can use the same as JSON and it can be stored under the osgi config folder where you kept all other OSGi configurations.

 

You need to add the your localhost:3000 to your allowedorigin property and it will allow you to make calls.

 

Thanks