Expand my Community achievements bar.

Dive into Adobe Summit 2024! Explore curated list of AEM sessions & labs, register, connect with experts, ask questions, engage, and share insights. Don't miss the excitement.
SOLVED

Sling Servlet un-resolved for two different requests

Avatar

Level 1

I have a Sling Servlet named RecommendationsServlet which is resolved for one user and un-resolved for the other. I have attached screenshots for both the requests from Felix. Only difference I see is that the request is processed as a customer for one user and full-customer for another in the felix console. Please help ASAP.

 

 

1 Accepted Solution

Avatar

Correct answer by
Level 9

Srikanth Kaleshwaram wrote...

@JorgHoh, Yes that was my observation too. We are using a third party IDP and no users are configured in AEM. I just wanted to find out for which OOTB users would AEM allocate "customer" and "full-customer" access. Also, there are no ACLs on the resource.

 


Agree with Jorg & your observation it is ACL issue.   ACL evaluated bottom up & verify all the inherited permission & not only at resources.   Apart from ACL other possibilities are

  • Verify the permissions of service user used in your component if any.
  • Using IDP without acl sounds missing some thing.   Verify in the logs what is the user id listed as.

View solution in original post

7 Replies

Avatar

Level 10

How are you invoking this Servlet? 

Avatar

Level 1

@Smacdonald2008:

Thanks for your intervention. I am invoking the servlet using an Ajax call. The servlet invoke is successful for one user and exception occurs for another user. All parameters passed to the server from the browser are the same. There is no user level access. I have also attached the requests on the Felix console. please have a look. The issue is that AEM works with a different resolution though all the selectors, suffixes are the same. The exception received is as below for the problematic request.

"org.apache.sling.api.resource.PersistenceException: Resource at '/en/preferred-access/jcr:content.recommendations.json' is not modifiable."

  1.  

Avatar

Level 10

Show us the syntax of your @SlingServlet annotation. Is the page you are invoking the servlet from require a user to login to access? 

Avatar

Employee Advisor

Hi,

I guess that the problem lies in here (line 5 in the screenshots):

  • in case of customer: "$path resolves to Resource = NonExistingResource"
  • in case of full-customer: $path resolves to Resource = JcrNodeResource, ..."

Please check the ACLs on the resources, if these 2 users are allowed to read this resource.

Avatar

Level 1

@JorgHoh, Yes that was my observation too. We are using a third party IDP and no users are configured in AEM. I just wanted to find out for which OOTB users would AEM allocate "customer" and "full-customer" access. Also, there are no ACLs on the resource.

Avatar

Level 1

@SmackDonald2008, PFB the details:

 

@SlingServlet(selectors = { "recommendations" }, extensions = { "html", "json" }, methods = { "POST" })
public class RecommendationsServlet extends SlingAllMethodsServlet {

Avatar

Correct answer by
Level 9

Srikanth Kaleshwaram wrote...

@JorgHoh, Yes that was my observation too. We are using a third party IDP and no users are configured in AEM. I just wanted to find out for which OOTB users would AEM allocate "customer" and "full-customer" access. Also, there are no ACLs on the resource.

 


Agree with Jorg & your observation it is ACL issue.   ACL evaluated bottom up & verify all the inherited permission & not only at resources.   Apart from ACL other possibilities are

  • Verify the permissions of service user used in your component if any.
  • Using IDP without acl sounds missing some thing.   Verify in the logs what is the user id listed as.