Expand my Community achievements bar.

Submissions are now open for the 2026 Adobe Experience Maker Awards.
Apply Now

Mark Solution

This conversation has been locked due to inactivity. Please create a new post.

SOLVED

Simple Webservice in AEM not accessible - Authentication Failure

Avatar

Level 3
Level 3
5/30/16 3:59:53 AM

Hello,

AEM Version: 6.1

I have a simple SlingServlet which returns a string on /GET at path /bin/getstring

This AEM is hosted at, for example, http://custom-host.com:4502

Now, an external frontend application is not been able to sent GET requests to this service and looking at the network logs, I receive 403 Forbidden.

As I understand, the login-cookie is not created by the external frontend application and hence  403 is thrown. Is there a possibility of a workaround here for an external frontend application to call the AEM based custom servlet?

Views

1.9K

Replies

2
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Administrator
Administrator
5/30/16 5:02:27 AM

Hi

Add "@Property(name = "sling.auth.requirements", value = "-/bin/mySearchServlet")" This results in the Sling Servlet not requiring authentication. 

Link:- https://sling.apache.org/documentation/the-sling-engine/authentication/authentication-framework.html (sling.auth.requirements)

OR

if you call it from external client (another website or REST client plugin...) CQ security filter will be triggered to prevent your action then return 403 error to remove this please follow these steps:

1/ http://localhost:4502/system/console/configMgr
2/ Search for 'Apache Sling Referrer Filter'
3/ Remove POST method from the filter. Then you can call your POST method anywhere.

 

Another Reference Links:- https://aem6solutions.wordpress.com/2015/06/19/apache-sling-referrer-filter/

I hope this would help you.

Thanks and Regards

Kautuk Sahni



Kautuk Sahni

View solution in original post

Views

1.7K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
2 Replies

Avatar

Level 10
Level 10
5/30/16 4:53:58 AM

see this Article where a Java swing app posts data to an AEM servlet:  http://scottsdigitalcommunity.blogspot.ca/2014/03/creating-java-swing-applications-that.html?m=0

Views

1.4K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Correct answer by
Administrator
Administrator
5/30/16 5:02:27 AM

Hi

Add "@Property(name = "sling.auth.requirements", value = "-/bin/mySearchServlet")" This results in the Sling Servlet not requiring authentication. 

Link:- https://sling.apache.org/documentation/the-sling-engine/authentication/authentication-framework.html (sling.auth.requirements)

OR

if you call it from external client (another website or REST client plugin...) CQ security filter will be triggered to prevent your action then return 403 error to remove this please follow these steps:

1/ http://localhost:4502/system/console/configMgr
2/ Search for 'Apache Sling Referrer Filter'
3/ Remove POST method from the filter. Then you can call your POST method anywhere.

 

Another Reference Links:- https://aem6solutions.wordpress.com/2015/06/19/apache-sling-referrer-filter/

I hope this would help you.

Thanks and Regards

Kautuk Sahni



Kautuk Sahni

Views

1.7K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
Related Conversations
AEM design importer Upload Zip Option not working after Service pack 6.5.23 Solved

Views

172

Likes

0

Replies

6
Dynamic media : SVG's preview in Author environment

Views

40

Likes

0

Replies

1
AEM Logs indicates 404 errors on page load in PROD

Views

47

Likes

0

Replies

1
Meta Translation Functions Not Active For Custom Translator Connector

Views

68

Likes

0

Replies

1
AEM cloud dispatcher farm files

Views

123

Like

1

Replies

3