Expand my Community achievements bar.

Guidelines for the Responsible Use of Generative AI in the Experience Cloud Community.
SOLVED

Using SlingServletFilter for Filtering dam:Asset resource type not working

Avatar

Level 1

I need to process any request that is going for an asset under /content/dam in AEM. Following is the code:

@SlingServletFilter(

scope = {SlingServletFilterScope.REQUEST},
pattern = "/content/dam/.*",
resourceTypes={"dam:Asset"},
extensions= {"jpg","html","png","csv"},
methods = {"GET"}

)

 

The above filter is getting registered under sling filters but is not being hit when I am trying to access any asset under dam.

 

1 Accepted Solution

Avatar

Correct answer by
Community Advisor

Hi @akhilesh_gupta,

The root cause of the issue is below line:

extensions= {"jpg","html","png","csv"},

Let me explain what is going on. Let assume that you are requesting asset under following url /content/dam/we-retail/en/features/tracking.png at first look it matches the criteria you have configured in your filter configuration, but the filter will not be executed.

So, let's check how above request is recognized by AEM, this can be done by using Recent Requests tool from System Console - /system/console/requests

system-console-recent-requests.jpg

As you can see .png is not recognized as an extension but as a part of path. So this is why filter has not been executed, even if in theory it should.

Lets check what is in crx, as this will clarify why DAM resource extension is recognized as a part of the path and not an extension.

crx-dam-view.jpg

It can be clearly seen, that extension is part of node name, so it has been correctly recognized as part of the path.

To make it work, you can modify configuration of your filter like this:

@Component
@SlingServletFilter(
        scope = { SlingServletFilterScope.REQUEST },
        methods = {"GET"},
        resourceTypes = {"dam:Asset"},
        pattern = "/content/dam/.*"
)

//

doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) {
   // check extension manually
        final SlingHttpServletRequest slingRequest = (SlingHttpServletRequest) servletRequest;
        if (slingRequest != null && slingRequest.getRequestPathInfo() != null) {
            String path = slingRequest.getRequestPathInfo().getResourcePath();
            if (StringUtils.endsWithAny(path, ".jpg", ".html", ".png", ".csv")) {
               // place for other code
            }
        }
}

alternatively you can try to modify pattern in the way it will include the extension(s).

One last thing, if you will add to the sample requested path one of the extensions from your filter configuration e.g. /content/dam/we-retail/en/features/tracking.png.png in that case your filter will be executed in the form as is.

View solution in original post

3 Replies

Avatar

Community Advisor

Can you try removing below and check?

resourceTypes={"dam:Asset"},



Arun Patidar

Avatar

Community Advisor

Hi @akhilesh_gupta ,

Please check this to register Filter using DS annotation - https://experienceleaguecommunities.adobe.com/t5/adobe-experience-manager/sling-servlet-filter/m-p/4...

Also in doFilter method you can check for dam:Asset

public void doFilter(SlingHttpServletRequest request, SlingHttpServletResponse response, FilterChain chain) throws IOException, ServletException {

String resourceType = request.getResource().getResourceType();
String path = request.getRequestPathInfo().getResourcePath();

if ("dam:Asset".equals(resourceType) && path.startsWith("/content/dam/")) {
response.sendError(SlingHttpServletResponse.SC_FORBIDDEN, "Access denied");
return;
}
// allow the request to continue

}

Regards,

Shiv

 

Shiv Prakash

Avatar

Correct answer by
Community Advisor

Hi @akhilesh_gupta,

The root cause of the issue is below line:

extensions= {"jpg","html","png","csv"},

Let me explain what is going on. Let assume that you are requesting asset under following url /content/dam/we-retail/en/features/tracking.png at first look it matches the criteria you have configured in your filter configuration, but the filter will not be executed.

So, let's check how above request is recognized by AEM, this can be done by using Recent Requests tool from System Console - /system/console/requests

system-console-recent-requests.jpg

As you can see .png is not recognized as an extension but as a part of path. So this is why filter has not been executed, even if in theory it should.

Lets check what is in crx, as this will clarify why DAM resource extension is recognized as a part of the path and not an extension.

crx-dam-view.jpg

It can be clearly seen, that extension is part of node name, so it has been correctly recognized as part of the path.

To make it work, you can modify configuration of your filter like this:

@Component
@SlingServletFilter(
        scope = { SlingServletFilterScope.REQUEST },
        methods = {"GET"},
        resourceTypes = {"dam:Asset"},
        pattern = "/content/dam/.*"
)

//

doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) {
   // check extension manually
        final SlingHttpServletRequest slingRequest = (SlingHttpServletRequest) servletRequest;
        if (slingRequest != null && slingRequest.getRequestPathInfo() != null) {
            String path = slingRequest.getRequestPathInfo().getResourcePath();
            if (StringUtils.endsWithAny(path, ".jpg", ".html", ".png", ".csv")) {
               // place for other code
            }
        }
}

alternatively you can try to modify pattern in the way it will include the extension(s).

One last thing, if you will add to the sample requested path one of the extensions from your filter configuration e.g. /content/dam/we-retail/en/features/tracking.png.png in that case your filter will be executed in the form as is.