We are not able to access the /apps data in the pathfield if we give the rootpath=/apps in AEM 6.4.2. http://localhost:4502/apps.ext.json?_dc=1587623884633&predicate=siteadmin&_charset_=utf-8&node=xnode-34 always returns blank data.
We have checked the permissions of the /apps folder and tried giving all the permissions to everyone group but its not working.
Kindly suggest.
Thanks,
Ni**bleep**a Sikaria
Solved! Go to Solution.
Views
Replies
Total Likes
Hi @textlang,
It's best NOT to allow access to the /apps folder, especially to the everyone group. This will open yourself up to security vulnerabilities.
Instead, to get a JSON representation of the contents for the given folder, you should create a Sling Servlet. You must create a system user, set ACL permissions, and configure the Apache sling Service User Mapper Service Amendment (tutorial); or a more streamlined and automated way, use the ACS Commons Ensure Authorizable to set these things up.
https://localhost:4503/home.appsfolder.json; you can use this strategy to sugar coat or to change the formatting of the URL when delivering the content.
Example:
@Component(service = Servlet.class)
@SlingServletResourceTypes(
resourceTypes = "sling/servlet/default",
methods = METHOD_GET,
extensions = "json",
selectors = "appsfolder")
public class AppsFolderServlet extends SlingSafeMethodsServlet {
@Override
protected void doGet(SlingHttpServletRequest req, SlingHttpServletResponse res) throws IOException {
res.setContentType(APPLICATION_JSON_UTF8);
res.setStatus(SlingHttpServletResponse.SC_OK);
List<Folder> folders = getFolders(req);
String json = new ObjectMapper().writeValueAsString(pageItems);
res.getWriter().write(json);
}
private List<Folder> getFolders() {
...
return folder;
}
}
Caveats when binding servlets by path:
Binding servlets by paths has several disadvantages when compared to binding by resource types, namely:
Documentation: https://sling.apache.org/documentation/the-sling-engine/servlets.html#caveats-when-binding-servlets-...
I hope this works.
Views
Replies
Total Likes
Hi @textlang,
It's best NOT to allow access to the /apps folder, especially to the everyone group. This will open yourself up to security vulnerabilities.
Instead, to get a JSON representation of the contents for the given folder, you should create a Sling Servlet. You must create a system user, set ACL permissions, and configure the Apache sling Service User Mapper Service Amendment (tutorial); or a more streamlined and automated way, use the ACS Commons Ensure Authorizable to set these things up.
https://localhost:4503/home.appsfolder.json; you can use this strategy to sugar coat or to change the formatting of the URL when delivering the content.
Example:
@Component(service = Servlet.class)
@SlingServletResourceTypes(
resourceTypes = "sling/servlet/default",
methods = METHOD_GET,
extensions = "json",
selectors = "appsfolder")
public class AppsFolderServlet extends SlingSafeMethodsServlet {
@Override
protected void doGet(SlingHttpServletRequest req, SlingHttpServletResponse res) throws IOException {
res.setContentType(APPLICATION_JSON_UTF8);
res.setStatus(SlingHttpServletResponse.SC_OK);
List<Folder> folders = getFolders(req);
String json = new ObjectMapper().writeValueAsString(pageItems);
res.getWriter().write(json);
}
private List<Folder> getFolders() {
...
return folder;
}
}
Caveats when binding servlets by path:
Binding servlets by paths has several disadvantages when compared to binding by resource types, namely:
Documentation: https://sling.apache.org/documentation/the-sling-engine/servlets.html#caveats-when-binding-servlets-...
I hope this works.
Views
Replies
Total Likes
Views
Likes
Replies