Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
Bedrock Mission!

Learn more

View all

Sign in to view all badges

Sling Servlet path vs resourceType

manikanthar1295
Level 5
Level 5
‎02-03-2019 00:52 PST

Hi,

Is there any recommendation by AEM like when we have use path as well as resourceType while creating the Sling Servlet.

OR

What is major different between creating Servlet using path as well as resourceType.

Regards

Manikantha R

Views

8.8K

Replies

3

Total Likes

Translate
3 Replies
Prince_Shivhare
Community Advisor
Community Advisor
‎02-03-2019 01:17 PST

Path and resourceType both are used for registering the servlet.

When we register a servlet using path, we must be specific what all paths are allowed as If we define something randomly, our servlet might not be function properly. Only a limited set of paths are allowed and the rest are blocked. We can add more path using Apache Sling Servlet / Script Resolver and Error Handler. Allowing more paths to execute servlet to make your application vulnerable. like below image

Apache-sling-servlet-resolver-error-handler.jpg

That’s why you should not open more doors for servlets to run until and unless it is required. You might also need to tell specific paths to your consumers, who are consuming servlet response using ajax and any change in that path could have a serious affect.

This might not be the case when you use resourceType. Sling Engine will take care of permissions if you register servlet using Resource Type. Users who cannot access a particular resource will not be able to invoke the servlet.

There is a good article by Ankur. please check this and let us know if you have any question in this.

http://www.aemcq5tutorials.com/tutorials/sling-servlet-in-aem/#advantages_selector_over_path

http://www.aemcq5tutorials.com/tutorials/sling-servlet-in-aem/

~ Prince

Views

6.9K

Replies

1

Total Likes

Translate
neeravp81517961
Level 1
Level 1
‎12-09-2019 07:11 PDT
In response to Prince_Shivhare

This was the missing piece I was looking for. Our requirement was to use /options/ for post request and I was only able to make it work with /bin , thanks a lot for your help

Views

6.9K

Replies

0

Total Likes

Translate
Gaurav-Behl
Community Advisor
Community Advisor
‎02-03-2019 04:21 PST

Caveats when binding servlets by path

Binding servlets by paths has several disadvantages when compared to binding by resource types, namely:

  • path-bound servlets cannot be access controlled using the default JCR repository ACLs
  • path-bound servlets can only be registered to a path and not a resource type (i.e. no suffix handling)
  • if a path-bound servlet is not active, e.g. if the bundle is missing or not started, a POST might result in unexpected results. usually creating a node at /bin/xyz which subsequently overlays the servlets path binding
  • the mapping is not transparent to a developer looking just at the repository

Given these drawbacks it is strongly recommended to bind servlets to resource types rather than paths.

Path based servlets are deprecated as they are dependent on maven-scr-plugin (DS1.2/R4). If you plan to use R6 or R7 in latest version of AEM, then maven-scr-plugin is not recommended. 

check adaptTo() 2018 video @ Apache Sling :: Servlets and Scripts 

Views

6.9K

Replies

0

Total Likes

Translate