I have an OSGI service/service implementation combo to store the GTM codes.
I have some passwords that's stored in .java files at the moment. To make it more secure, I followed the same technique used on the GTM codes to create an OSGI config (acessible via configMgr). I have no problems accessing it on my component class (com.myhost.core.impl.view.component.mycomponent).
The issue I have is I cannot access the password config in a servlet.
This lead me to believe that perhaps I'm doing it wrong.
So I searched the net and came across this article (https://aemhq.com/posts/aem-encryption-101-how-to-encrypt-a-shared-secret/).
3 questions
I actually have tried question 3. I followed the article. I created a new XML (filename=com.myhost.core.services.impl.whatever.xml) file inside ui.apps/src/main/content/jcr_root/apps/myhost/configs/config.author.localhost and used the xml below as the contents of the file. I installed the compiled maven package (.zip) but I cannot see the new XML in CRXDE (/apps/myhost/configs/config.author.localhost).
<?xml version="1.0" encoding="UTF-8"?>
<jcr:root xmlns:sling="http://sling.apache.org/jcr/sling/1.0"
xmlns:jcr="http://www.jcp.org/jcr/1.0" jcr:primaryType="sling:OsgiConfig"
username="mySampleUsername"
encryptedpassword="{89cb4befeb375b865332fed9bbde85b8842a2318be4901851c3b5a0495c49f13dad8b4cfd38a6fa26f07ea361ea4994e}"/>
Thanks for the help!
Solved! Go to Solution.
1. I think Crypto Support provided by Adobe, so it should according to a standard guideline. in addition to your article, you can also read more about crypto support https://www.argildx.com/crypto-support-aem/
2. You can read configurations in servlet via ConfigurationAdmin.
@Reference
private ConfigurationAdmin configAdmin;
private static final String LOGGER_FACTORY_PID = "org.apache.sling.commons.log.LogManager.factory.config";
@Override
protected void doGet(SlingHttpServletRequest request, SlingHttpServletResponse response) throws ServletException {
Configuration loggerFactoryConfig = configAdmin.getConfiguration(LOGGER_FACTORY_PID);
}
I would recommend creating OSGi service along with the OSGi configuration of the same name and use that service in servlet.
3. Name of the configurations file can be the arbitrary name but if you have created OSGi service then the configurations file name should be same as the service name. Read here more about OSGi configurations Configuring OSGi.
4. Check your filter package filter.xml, you might have forgotten to add xml file
Hi,
Yes you can use OOTB encryption to store password.
To access any factory or service configuration you can check below: aem63app-repo/ReadOsgiRepoConfImpl.java at master · arunpatidar02/aem63app-repo · GitHub
but you can access encryption configs as mentioned in the article
you can create sling:OsgiConfig osgi config inside repo with node name of PID for your service and to access its configs you should use service reference.
1. I think Crypto Support provided by Adobe, so it should according to a standard guideline. in addition to your article, you can also read more about crypto support https://www.argildx.com/crypto-support-aem/
2. You can read configurations in servlet via ConfigurationAdmin.
@Reference
private ConfigurationAdmin configAdmin;
private static final String LOGGER_FACTORY_PID = "org.apache.sling.commons.log.LogManager.factory.config";
@Override
protected void doGet(SlingHttpServletRequest request, SlingHttpServletResponse response) throws ServletException {
Configuration loggerFactoryConfig = configAdmin.getConfiguration(LOGGER_FACTORY_PID);
}
I would recommend creating OSGi service along with the OSGi configuration of the same name and use that service in servlet.
3. Name of the configurations file can be the arbitrary name but if you have created OSGi service then the configurations file name should be same as the service name. Read here more about OSGi configurations Configuring OSGi.
4. Check your filter package filter.xml, you might have forgotten to add xml file
Thanks for the response. With question 2, what sort of reference do I need to import to get it work?
I'm currently using "org.osgi.service.component.annotations.Reference" and
have the following Java code in my servlet
@Reference
private ConfigurationAdmin configAdmin;
private static final String LOGGER_FACTORY_PID = "org.apache.sling.commons.log.LogManager.factory.config";
@Override
protected void doGet(SlingHttpServletRequest request, SlingHttpServletResponse response) throws ServletException, IOException {
Configuration loggerFactoryConfig = configAdmin.getConfiguration(LOGGER_FACTORY_PID);
configAdmin is null and this results in an NPE error.
Any ideas what I could be doing wrong? Thanks
Hi,
You might be missing Service User Mapping configure for the bundle.
Check your erro.log and see if you have below error:
" org.apache.sling.jcr.resource.internal.JcrSystemUserValidator The provided service user id 'serviceuser--Lab2019.core' is not a known JCR system user id and therefore not allowed in the Sling Service User Mapper."
Read here for service user configurations Service Users in AEM
Views
Like
Replies