Simple Webservice in AEM not accessible - Authentication Failure

Avatar

Avatar

sud_varun

Avatar

sud_varun

sud_varun

30-05-2016

Hello,

AEM Version: 6.1

I have a simple SlingServlet which returns a string on /GET at path /bin/getstring

This AEM is hosted at, for example, http://custom-host.com:4502

Now, an external frontend application is not been able to sent GET requests to this service and looking at the network logs, I receive 403 Forbidden.

As I understand, the login-cookie is not created by the external frontend application and hence  403 is thrown. Is there a possibility of a workaround here for an external frontend application to call the AEM based custom servlet?

Accepted Solutions (1)

Accepted Solutions (1)

Avatar

Avatar

kautuk_sahni

Community Manager

Total Posts

5.8K

Likes

1.0K

Correct Reply

1.1K

Avatar

kautuk_sahni

Community Manager

Total Posts

5.8K

Likes

1.0K

Correct Reply

1.1K
kautuk_sahni
Community Manager

30-05-2016

Hi

Add "@Property(name = "sling.auth.requirements", value = "-/bin/mySearchServlet")" This results in the Sling Servlet not requiring authentication. 

Link:- https://sling.apache.org/documentation/the-sling-engine/authentication/authentication-framework.html (sling.auth.requirements)

OR

if you call it from external client (another website or REST client plugin...) CQ security filter will be triggered to prevent your action then return 403 error to remove this please follow these steps:

1/ http://localhost:4502/system/console/configMgr
2/ Search for 'Apache Sling Referrer Filter'
3/ Remove POST method from the filter. Then you can call your POST method anywhere.

 

Another Reference Links:- https://aem6solutions.wordpress.com/2015/06/19/apache-sling-referrer-filter/

I hope this would help you.

Thanks and Regards

Kautuk Sahni

Answers (1)

Answers (1)

Avatar

Avatar

smacdonald2008

Total Posts

12.7K

Likes

1.4K

Correct Reply

2.3K

Avatar

smacdonald2008

Total Posts

12.7K

Likes

1.4K

Correct Reply

2.3K
smacdonald2008

30-05-2016

see this Article where a Java swing app posts data to an AEM servlet:  http://scottsdigitalcommunity.blogspot.ca/2014/03/creating-java-swing-applications-that.html?m=0