SOLVED
Using SlingServletFilter for Filtering dam:Asset resource type not working
1 Accepted Solution
Correct answer by
Hi @akhilesh_gupta,
The root cause of the issue is below line:
extensions= {"jpg","html","png","csv"},Let me explain what is going on. Let assume that you are requesting asset under following url /content/dam/we-retail/en/features/tracking.png at first look it matches the criteria you have configured in your filter configuration, but the filter will not be executed.
So, let's check how above request is recognized by AEM, this can be done by using Recent Requests tool from System Console - /system/console/requests
As you can see .png is not recognized as an extension but as a part of path. So this is why filter has not been executed, even if in theory it should.
Lets check what is in crx, as this will clarify why DAM resource extension is recognized as a part of the path and not an extension.
It can be clearly seen, that extension is part of node name, so it has been correctly recognized as part of the path.
To make it work, you can modify configuration of your filter like this:
@Component
@SlingServletFilter(
scope = { SlingServletFilterScope.REQUEST },
methods = {"GET"},
resourceTypes = {"dam:Asset"},
pattern = "/content/dam/.*"
)
//
doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) {
// check extension manually
final SlingHttpServletRequest slingRequest = (SlingHttpServletRequest) servletRequest;
if (slingRequest != null && slingRequest.getRequestPathInfo() != null) {
String path = slingRequest.getRequestPathInfo().getResourcePath();
if (StringUtils.endsWithAny(path, ".jpg", ".html", ".png", ".csv")) {
// place for other code
}
}
}alternatively you can try to modify pattern in the way it will include the extension(s).
One last thing, if you will add to the sample requested path one of the extensions from your filter configuration e.g. /content/dam/we-retail/en/features/tracking.png.png in that case your filter will be executed in the form as is.
Hi @akhilesh_gupta ,
Please check this to register Filter using DS annotation - https://experienceleaguecommunities.adobe.com/t5/adobe-experience-manager/sling-servlet-filter/m-p/4...
Also in doFilter method you can check for dam:Asset
public void doFilter(SlingHttpServletRequest request, SlingHttpServletResponse response, FilterChain chain) throws IOException, ServletException {
String resourceType = request.getResource().getResourceType();
String path = request.getRequestPathInfo().getResourcePath();
if ("dam:Asset".equals(resourceType) && path.startsWith("/content/dam/")) {
response.sendError(SlingHttpServletResponse.SC_FORBIDDEN, "Access denied");
return;
}
// allow the request to continue
}
Regards,
Shiv
Shiv Prakash
Correct answer by
Hi @akhilesh_gupta,
The root cause of the issue is below line:
extensions= {"jpg","html","png","csv"},Let me explain what is going on. Let assume that you are requesting asset under following url /content/dam/we-retail/en/features/tracking.png at first look it matches the criteria you have configured in your filter configuration, but the filter will not be executed.
So, let's check how above request is recognized by AEM, this can be done by using Recent Requests tool from System Console - /system/console/requests
As you can see .png is not recognized as an extension but as a part of path. So this is why filter has not been executed, even if in theory it should.
Lets check what is in crx, as this will clarify why DAM resource extension is recognized as a part of the path and not an extension.
It can be clearly seen, that extension is part of node name, so it has been correctly recognized as part of the path.
To make it work, you can modify configuration of your filter like this:
@Component
@SlingServletFilter(
scope = { SlingServletFilterScope.REQUEST },
methods = {"GET"},
resourceTypes = {"dam:Asset"},
pattern = "/content/dam/.*"
)
//
doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) {
// check extension manually
final SlingHttpServletRequest slingRequest = (SlingHttpServletRequest) servletRequest;
if (slingRequest != null && slingRequest.getRequestPathInfo() != null) {
String path = slingRequest.getRequestPathInfo().getResourcePath();
if (StringUtils.endsWithAny(path, ".jpg", ".html", ".png", ".csv")) {
// place for other code
}
}
}alternatively you can try to modify pattern in the way it will include the extension(s).
One last thing, if you will add to the sample requested path one of the extensions from your filter configuration e.g. /content/dam/we-retail/en/features/tracking.png.png in that case your filter will be executed in the form as is.
