I have a Sling Servlet named RecommendationsServlet which is resolved for one user and un-resolved for the other. I have attached screenshots for both the requests from Felix. Only difference I see is that the request is processed as a customer for one user and full-customer for another in the felix console. Please help ASAP.
Solved! Go to Solution.
Views
Replies
Total Likes
Srikanth Kaleshwaram wrote...
@JorgHoh, Yes that was my observation too. We are using a third party IDP and no users are configured in AEM. I just wanted to find out for which OOTB users would AEM allocate "customer" and "full-customer" access. Also, there are no ACLs on the resource.
Agree with Jorg & your observation it is ACL issue. ACL evaluated bottom up & verify all the inherited permission & not only at resources. Apart from ACL other possibilities are
Views
Replies
Total Likes
How are you invoking this Servlet?
Views
Replies
Total Likes
@Smacdonald2008:
Thanks for your intervention. I am invoking the servlet using an Ajax call. The servlet invoke is successful for one user and exception occurs for another user. All parameters passed to the server from the browser are the same. There is no user level access. I have also attached the requests on the Felix console. please have a look. The issue is that AEM works with a different resolution though all the selectors, suffixes are the same. The exception received is as below for the problematic request.
"org.apache.sling.api.resource.PersistenceException: Resource at '/en/preferred-access/jcr:content.recommendations.json' is not modifiable."
Views
Replies
Total Likes
Show us the syntax of your @SlingServlet annotation. Is the page you are invoking the servlet from require a user to login to access?
Views
Replies
Total Likes
Hi,
I guess that the problem lies in here (line 5 in the screenshots):
Please check the ACLs on the resources, if these 2 users are allowed to read this resource.
Views
Replies
Total Likes
@JorgHoh, Yes that was my observation too. We are using a third party IDP and no users are configured in AEM. I just wanted to find out for which OOTB users would AEM allocate "customer" and "full-customer" access. Also, there are no ACLs on the resource.
Views
Replies
Total Likes
@SmackDonald2008, PFB the details:
@SlingServlet(selectors = { "recommendations" }, extensions = { "html", "json" }, methods = { "POST" })
public class RecommendationsServlet extends SlingAllMethodsServlet {
Views
Replies
Total Likes
Srikanth Kaleshwaram wrote...
@JorgHoh, Yes that was my observation too. We are using a third party IDP and no users are configured in AEM. I just wanted to find out for which OOTB users would AEM allocate "customer" and "full-customer" access. Also, there are no ACLs on the resource.
Agree with Jorg & your observation it is ACL issue. ACL evaluated bottom up & verify all the inherited permission & not only at resources. Apart from ACL other possibilities are
Views
Replies
Total Likes