Weird CSRF Error on /libs/granite/csrf/token.json

I have the following scenario (Author Instance):

  • Install a clean AEM 6.2 or 6.3 instance (error happens on both versions)
  • Upload/install a custom (and simple) ui.app package
  • All works fine, no errors, I can create/delete pages and also access /system/console/bundles
  • Stop AEM, then restart AEM
  • Now I constantly get the error (can't create/delete pages, can't access /system/console/bundles):

02.12.2017 10:32:37.131 *ERROR* [0:0:0:0:0:0:0:1 [1512239557128] GET /libs/granite/csrf/token.json HTTP/1.1] org.apache.sling.engine.impl.SlingRequestProcessorImpl service: Uncaught Throwable
java.lang.NoSuchMethodError: org.json.JSONWriter.<init>(Ljava/io/Writer;)V
.....

If I uninstall the package, all works fine again.

This is happening in AEM 6.2 (with or without AEM updates) AND AEM 6.3.

I am indeed using a GET servlet to retrieve content in the JSON format. And I am using jQuery for content tables on the Web pages.

A couple of interesting findings:

  • This error happens all over the place. E.g. when I load the Felix console (/system/console) the list of bundles doesn't show. Instead I get the same error message.
  • There is no cross-reference access in the whole custom package. And my servlet is a GET servlet.
  • If I enter http://localhost:4502/libs/granite/csrf/token.json I get the same error...

org.json.JSONWriter.<init>(Ljava/io/Writer;)V

Cannot serve request to /libs/granite/csrf/token.json in com.adobe.granite.csrf.impl.CSRFServlet

Exception:

java.lang.NoSuchMethodError: org.json.JSONWriter.<init>(Ljava/io/Writer;)V
    at com.adobe.granite.csrf.impl.CSRFServlet.doGet(CSRFServlet.java:119)
    at org.apache.sling.api.servlets.SlingSafeMethodsServlet.mayService(SlingSafeMethodsServlet.java:270)
    at org.apache.sling.api.servlets.SlingSafeMethodsServlet.service(SlingSafeMethodsServlet.java:346)
    at org.apache.sling.api.servlets.SlingSafeMethodsServlet.service(SlingSafeMethodsServlet.java:378)
    at org.apache.sling.engine.impl.request.RequestData.service(RequestData.java:552)

To summarize:

  • After installing a custom package all works fine. But after restarting AEM, things go bologna.
  • If I uninstall the custom package (even with no restart) all works fine again and I don't get the error.
  • It's a CSRF error (cross-site...), but there are no cross-site requests in the custom package.
  • If I repeat http://localhost:4502/libs/granite/csrf/token.json after removing the custom package, I get the following response:

{
  token: "eyJleHAiOjE1MTIyNDE4MzUsImlhdCI6MTUxMjI0MTIzNX0.FRUNuXsR51Od_Xnhsxu7APGBKptUmJ9bha5o58-gZUA"
}

Is it possible that

  • I am missing a configuration setting somewhere? This is happening in AEM 6.2 and AEM 6.3 and I can't assume it's an "undetected bug".
  • Can't the token be generated? Or is it generated but can't be returned?

Since this is happening in both versions of AEM, 6.2 and 6.3, and since I assume I am not the only one using a GET servlet to generate a JSON response, I am quite sure I am missing some sort of configuration or setting.

Any idea what this could be?

Thanks!

The error as it appears in the error.log:

02.12.2017 10:32:37.131 *ERROR* [0:0:0:0:0:0:0:1 [1512239557128] GET /libs/granite/csrf/token.json HTTP/1.1] org.apache.sling.engine.impl.SlingRequestProcessorImpl service: Uncaught Throwable
java.lang.NoSuchMethodError: org.json.JSONWriter.<init>(Ljava/io/Writer;)V
    at com.adobe.granite.csrf.impl.CSRFServlet.doGet(CSRFServlet.java:119)
    at org.apache.sling.api.servlets.SlingSafeMethodsServlet.mayService(SlingSafeMethodsServlet.java:270)
    at org.apache.sling.api.servlets.SlingSafeMethodsServlet.service(SlingSafeMethodsServlet.java:346)
    at org.apache.sling.api.servlets.SlingSafeMethodsServlet.service(SlingSafeMethodsServlet.java:378)
    at org.apache.sling.engine.impl.request.RequestData.service(RequestData.java:552)
    at org.apache.sling.engine.impl.filter.SlingComponentFilterChain.render(SlingComponentFilterChain.java:44)
    at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:77)
    at com.day.cq.wcm.core.impl.WCMDebugFilter.doFilter(WCMDebugFilter.java:156)
    at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68)
    at com.day.cq.wcm.core.impl.WCMComponentFilter.filterRootInclude(WCMComponentFilter.java:375)
    at com.day.cq.wcm.core.impl.WCMComponentFilter.doFilter(WCMComponentFilter.java:190)
    at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68)
    at com.day.cq.personalization.impl.TargetComponentFilter.doFilter(TargetComponentFilter.java:96)
    .....

13 Replies