since ‎11-02-2013
‎20-11-2020
courtthreeGDC
Level 2
Exponential/Unexplained CRX Growth in Segment Store
Avatar

courtthreeGDC

courtthreeGDC
- Adobe Experience Manager
Afternoon AEM Team,We have a real head scratcher here. Our UAT environment is growing in size at a phenomenal rate. It grew 13GB just today while sitting idle (although it did do a re-index after TAR compaction). It added 52 TAR files to the segment store in just one day!We did a TAR compaction which only saved maybe 8% of disk space.We have a total of over 1800 TAR files and the segment store is 151GB.When using the Disk Usage utility (/etc/reports/diskusage.html) AEM only reports its size as o...

Views

774

Likes

0

Replies

2
Re: Error when enabling Encapsulated Token support for dual publish environment
Avatar

courtthreeGDC

courtthreeGDC
- Adobe Experience Manager
Thanks again mate.For resetting, do you recommend: https://helpx.adobe.com/uk/experience-manager/kb/how-to-reset-the-truststore-if-it-get-corrupted-in-AEM.htmlHow to reset the truststore in AEM I'll also check the permissions and revert back ASAP!

Views

1.4K

Likes

0

Replies

0
SAML Authentication across multiple publish instances and user replication concern
Avatar

courtthreeGDC

courtthreeGDC
- Adobe Experience Manager
Good evening AEM Team!We have integrated Okta as the IDM for our AEM 6.2 website. We have done so using a fairly standard SAML configuration which has worked well. In our live/production environment we have two publish instances so we have been testing the integration across two publish environments.We have enabled Encapsulated Token support on both instances and we have found that, in order for the encapsulated token to work, the associated user account must exist on both publish instances.Howe...

Views

532

Likes

0

Replies

2
Re: Error when enabling Encapsulated Token support for dual publish environment
Avatar

courtthreeGDC

courtthreeGDC
- Adobe Experience Manager
Thanks so much for jumping in Jaideep.Our instance is 6.2 so we have to use the method described here: Encapsulated Token Support Are you saying we can use the 6.3 method on 6.2?

Views

1.4K

Likes

0

Replies

2
Error when enabling Encapsulated Token support for dual publish environment
Avatar

courtthreeGDC

courtthreeGDC
- Adobe Experience Manager
Good evening AEM Team!We have integrated Okta as the IDM for our AEM 6.2 website. We have done so using a fairly standard SAML configuration which has worked well. In our live/production environment we have two publish instances so we have been testing the integration across two publish environments.We have configured:- Apache Sling Distribution Agents - Sync Agents Factory- Adobe Granite Distribution - Encrypted Password Transport Secret Provider- Apache Sling Distribution Trigger - Scheduled T...

Views

1.6K

Likes

0

Replies

4
Re: SAML Authentication generates anonymous user session instead of authenticated user
Avatar

courtthreeGDC

courtthreeGDC
- Adobe Experience Manager
As suspected, this did not move us on. Adobe have now requested the following:At this point could you setup a custom logger for the classes below,* org.apache.sling.auth.core* org.apache.jackrabbit.oak.security* org.apache.jackrabbit.oak.spi.security* com.adobe.granite.auth.samlThen perform a login and provide it in addition to this logs files* apache log file, * dispatcher log file* aem error.log* aem access.log* aem request.logWe are in the process of compiling these but we are also going to a...

Views

8.0K

Likes

0

Replies

1
Re: SAML Authentication generates anonymous user session instead of authenticated user
Avatar

courtthreeGDC

courtthreeGDC
- Adobe Experience Manager
Thanks again for staying on board.I have done this (a week or so ago at Adobe's request). They have just come back with the following:------------------------------------------------------------------I saw on the SAML response that no field "uid" was returned in the "AttributeStatement", [0][1]in an OOTB instance this is used to map the user to an AEM principal (see com.adobe.granite.auth.saml.SamlAuthenticationHandler > userIDAttribute)-----------------------------------------------------------...

Views

8.0K

Likes

0

Replies

2
Re: SAML Authentication generates anonymous user session instead of authenticated user
Avatar

courtthreeGDC

courtthreeGDC
- Adobe Experience Manager
I'm afraid that wasn't the answer (in our case at least). We will keep looking and update you all accordingly.

Views

8.0K

Likes

0

Replies

4
Re: SAML Authentication generates anonymous user session instead of authenticated user
Avatar

courtthreeGDC

courtthreeGDC
- Adobe Experience Manager
Thank you. This is really helpful.I have noted that the line 'allowAuthorized "0"' is commented out in our dispatcher.any file.I have uncommented it and resubmitted it for upload. This won't happen until tomorrow but I am hopeful you may have cracked it. I will revert after the test.

Views

8.0K

Likes

0

Replies

5
Re: SAML Authentication generates anonymous user session instead of authenticated user
Avatar

courtthreeGDC

courtthreeGDC
- Adobe Experience Manager
Hi Jaideep,Thank you for picking this up mate. I have followed your instructions to the letter but to no avail. We are still experiencing the same issue. FYR, a quick snippet of the code we're using to pick up the user is as follows:resourceResolver = request.getResourceResolver();Session session = resourceResolver.adaptTo(Session.class);UserManager userManager = resourceResolver.adaptTo(UserManager.class);Authorizable auth = userManager.getAuthorizable(session.getUserID());log.info("user path "...

Views

8.0K

Likes

0

Replies

7
SAML Authentication generates anonymous user session instead of authenticated user
Avatar

courtthreeGDC

courtthreeGDC
- Adobe Experience Manager
Hi everyone,We have done a successful integration of Okta with our 6.2 instance of AEM via the OOTB SAML Authentication handler.The integration works great when executed directly on our publish instance via port 4503. However, when we perform the same actions via the dispatcher, the authenticated user session is not available in code. When we try to access the user, we find that, even though the new user is successfully created in the CRX via the SAML integration, the active user session is of t...

Views

8.6K

Likes

0

Replies

9
Re: Okta SAML integration with dispatcher
Avatar

courtthreeGDC

courtthreeGDC
- Adobe Experience Manager
Thanks so much Jaideep,You're answer is indeed correct and is definitely the best first step in configuring AEM SAML Integration.In our situation, this had already been done and the root of our issue turned out to be related to our CDN. However, your answer has been moderated as correct and I would definitely agree. Our situation was too specific for anyone on here to give an answer based on the limited information I gave.

Views

885

Like

1

Replies

0
Okta SAML integration with dispatcher
Avatar

courtthreeGDC

courtthreeGDC
- Adobe Experience Manager
Hi guys,We have very successfully integrated Okta as our IDM platform into our non-production publish instance (developed and tested by directly accessing the publisher on 4503).However, we have failed (almost at the first hurdle) when hitting the publisher via the dispatcher. Upon hitting the SAML protected content, we are faced with what appears to be a server-level (Apache-derived) log-in/password challenge.What should be my first steps to check in the dispatcher configuration.FYI, while I am...

Views

1.4K

Like

1

Replies

2
Re: Using getTemplate in JSP requires user to be logged in?
Avatar

courtthreeGDC

courtthreeGDC
- Adobe Experience Manager
OK! Thanks again for your continued support.As a test, I have added the Okta user to read /apps on a non-production environment and it does the trick. But, from what you say, this is not a situation that should exist on Live.What is the practical technical impact of the anonymous user have read access to apps?

Views

739

Likes

0

Replies

0
Re: Using getTemplate in JSP requires user to be logged in?
Avatar

courtthreeGDC

courtthreeGDC
- Adobe Experience Manager
OK, thank you so much for your reply! Is that "safe" do you think?

Views

744

Likes

0

Replies

0
Re: Using getTemplate in JSP requires user to be logged in?
Avatar

courtthreeGDC

courtthreeGDC
- Adobe Experience Manager
Hi guys, I realise this is an old post but I have encountered the same problem and I need a steer. Of course, the replacement of getTemplate() is the best solution but we have a site with an older code base that uses it extensively.We have just implemented a user log-in system via Okta (which works well with SAML) but the Okta authenticated user immediately encounters problems with pages using any derivation of the getTemplate method.Interestingly, our anonymous user does not have this issue. Th...

Views

740

Likes

0

Replies

0
Re: [New] Welcome to AEM Community! Please Introduce Yourself
Avatar

courtthreeGDC

courtthreeGDC
- Adobe Experience Manager
Hi all,I'm Dan and I have been an AEM Dev for about 5 years working across a few AEM instances for a few large companies from CQ5.6 to AEM 6.2/3. I'm always in here asking questions. Who knows, one day I might actually be able to ANSWER a question too 😉Massive Star Wars fan (the proper originals not the newer dodgy ones), love films in general and am addicted to Netflix and Amazon Prime. Love cars and car programmes (especially The Grand Tour) and based in SE London!Speak soon guys.

Views

11.6K

Like

1

Replies

0
Re: Custom Index Migration from 5.6 to 6.2
Avatar

courtthreeGDC

courtthreeGDC
- Adobe Experience Manager
Thank you again. Yes, what the documentation doesn't make clear is that you can add a node and give it any name you like. Then you can add your custom nodes to it based on the output from http://oakutils.appspot.com/generate/index. Your assistance did indeed point me the right direction, thanks again.I can confirm that the in-place upgrade was not necessary (contrary to Adobe's official advice) and that the custom index node will work on the existing content taken from our old 5.6 instance.

Views

424

Likes

0

Replies

0
Re: Custom Index Migration from 5.6 to 6.2
Avatar

courtthreeGDC

courtthreeGDC
- Adobe Experience Manager
Hi MC Stuff,Thanks so much for replying. I have done as you suggested and used the link above to generate the index for some XPath queries.The kind of output I am getting is great. I am just not fully clear on how to copy it to the index because I'm not sure which node is should be a child of. Consider this output:- evaluatePathRestrictions = true - compatVersion = 2 - type = "lucene" - async = "async" - jcr:primaryType = oak:QueryIndexDefinition + indexRules + cq:PageContent + properties + temp...

Views

430

Likes

0

Replies

0
Custom Index Migration from 5.6 to 6.2
Avatar

courtthreeGDC

courtthreeGDC
- Adobe Experience Manager
Hi guys,We are in the process of migrating our site from 5.6 to 6.2 and have had great success in nearly every regard - except replicating the custom index. This, of course, is having a profound effect on the search results returned from the rep. Our 6.2 instance is a "clean skin". We elected to install a fresh 6.2 instance and migrate over only what we needed as a much overdue spring cleaning exercise.As a result, the content of the site has NOT been through an in-place upgrade. It has been pac...

Views

682

Like

1

Replies

4
Re: Unable to upload files to DAM
Avatar

courtthreeGDC

courtthreeGDC
- Adobe Experience Manager
Thanks mate,All other behaviours are normal (including WebDav). And, to be clear, the only browser exhibiting this behaviour is Chrome 51. It's only since we upgraded to that this has happened. I'm afraid I can't share any further logs for security reasons.

Views

1.1K

Likes

0

Replies

0
Re: Components have disappeared
Avatar

courtthreeGDC

courtthreeGDC
- Adobe Experience Manager
Hey Malissa,I've seen this happen many times when my client has accidentally put a component in "Target" mode. It's easily done becuse if you have the edit button in view at the top of a component, the client can accidentally hit "Target" instead!Do you have access to the CRX (in CRXDE Lite) so we can verify if this is the case? If you do, drill down to the offending page in the content node of the CRX and you will likely see a node in there called "default" which contains the component that has...

Views

1.1K

Likes

0

Replies

1
Re: Unable to upload files to DAM
Avatar

courtthreeGDC

courtthreeGDC
- Adobe Experience Manager
Thank you as well Tuhin, it is all file types and with single file extensions.

Views

1.1K

Likes

0

Replies

0
Unable to upload files to DAM
Avatar

courtthreeGDC

courtthreeGDC
- Adobe Experience Manager
Hi all,A situation has developed (all of a sudden) where certain users cannot upload files to the DAM (AEM 5.6.1). Please see below a screenshot of the error from the WCM UI:The error log also generates the following error:04.07.2016 14:35:01.059 *ERROR* [JobHandler: /etc/workflow/instances/2016-07-04/model_21770228870383586:/*** PATH REDACTED *** of assets by compliance state for a configuration baseline.xlsx/jcr:content/renditions/original] com.day.cq.dam.commons.handler.AbstractAssetHandler c...

Views

2.0K

Likes

0

Replies

4
Re: SAML Integration failing on post back to AEM
Avatar

courtthreeGDC

courtthreeGDC
- Adobe Experience Manager
Thanks so much again for your continued support.The thing is that the Apache Sling Authentication Service: Authentication Requirements had no entries at all my client's instance (until I added it there during this process). The site running on there is a public website and has not been protected before. The SAML integration is only relevant for a small part of the site residing a specific node in the CRX. So, having added this node to the SAML Authentication Handler (as per the documentation), i...

Views

3.4K

Likes

0

Replies

1
Re: SAML Integration failing on post back to AEM
Avatar

courtthreeGDC

courtthreeGDC
- Adobe Experience Manager
Thanks @abhishekb, you're right it's not documented. I had found this on a blog somewhere and dealt with it already.Since my last post, I have found that the SAML bundle was not working as expected at all. If you follow https://helpx.adobe.com/experience-manager/kb/saml-demo.html (as we did) the SAML Authentication Handler does not cut in when you request the protected page.We have found that you can only get the SAML Authentication Handler to work if you also add the protected path to the "Auth...

Views

3.4K

Like

1

Replies

3
Re: SAML Integration failing on post back to AEM
Avatar

courtthreeGDC

courtthreeGDC
- Adobe Experience Manager
Thanks KK,Agreed, this sounds very sensible. Can you elaborate further in terms of exactly what should match with what?

Views

3.4K

Likes

0

Replies

1
Re: SAML Integration failing on post back to AEM
Avatar

courtthreeGDC

courtthreeGDC
- Adobe Experience Manager
Thanks so much for helping.Unfortunately, I have implemented the changes above to no avail. In fact, I get exactly the same error as before.In terms of your first solution (about a call to a servlet errorring), given that we are using the built in SAML handler, we shouldn't need to register the servlet path should we?I have done a a SAML trace and got the following response: •••REDACTED••• •••REDACTED••• •••REDACTED••• •••REDACTED••• The thing that draws my eye is the "Inva...

Views

3.4K

Likes

0

Replies

3
SAML Integration failing on post back to AEM
Avatar

courtthreeGDC

courtthreeGDC
- Adobe Experience Manager
Hey guys,I have been working on integrating a client's SSO with AEM 5.6.1. They are using ADFS and SAML.I have successfully configured the SAML integration handler and the protected node is happily bouncing to the client's ADFS log-in screen when hit with the browser.The ADFS is then posting back to /saml_login (which I understand to be the address of the handler for the post back) but I am seeing the following error:Error while processing Status500Messagejavax.jcr.RepositoryException: org.apach...

Views

4.6K

Likes

0

Replies

10
Content redirect on form handler AEM 5.6.1
Avatar

courtthreeGDC

courtthreeGDC
- Adobe Experience Manager
Hi guys,I am submitting a simple feedback form to a form handler in AEM 5.6.1. The submission is being made by JQuery $.post(). The post submits to a CQ page which contains a single component to handle the form input and send an email. Really simple stuff.If I access the form handler page directly in my browser, the code on it runs and a blank email is sent. However, when I submit the form (via JQuery or directly via HTTP POST) the response from CQ is as follows (seen here in the developer tools...

Views

309

Likes

0

Replies

1
Likes given to