Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
BedrockMission!

Learn More

View all

Sign in to view all badges

abhishekb
Community profile abhishekb Level 2
Job title here
Location here
6 BADGES
Level 2

Level 2

Learn more
Joined the community 20-10-2015 3:12:53 PM
Offline
Top badges earned by abhishekb
Customize the badges you want to showcase on your profile
Re: AEM system architecture solution
Avatar
Validate 1
Level 2
abhishekb
Level 2

Likes

5 likes

Total Posts

46 posts

Correct Reply

3 solutions
Top badges earned
Validate 1
Boost 5
Boost 3
Boost 1
Affirm 3
View profile
abhishekb
- Adobe Experience Manager
Props for the detailed explanation.I will try to answer the questions. But first I have to advise you to start thinking about code and content when working with AEM. Since both reside in the same repository, it can get confusing.1. The project structure looks good. If it works in the demo author, that's great news. You may even want to split your core bundle into multiple bundles (osgi jars) based on business features to make it modular. Maven makes doing this easy.2. Don't use business calls be...

Views

573

Like

1

Replies

0
Re: Content-Package-Maven-Plugin Import Mode
Avatar
Validate 1
Level 2
abhishekb
Level 2

Likes

5 likes

Total Posts

46 posts

Correct Reply

3 solutions
Top badges earned
Validate 1
Boost 5
Boost 3
Boost 1
Affirm 3
View profile
abhishekb
- Adobe Experience Manager
Not an answer. That documentation seems to contradict Jackrabbit's definition of update import mode.http://jackrabbit.apache.org/filevault/importmode.htmlImportMode.REPLACEThis is the normal behaviour. Existing content is replaced completely by the imported content, i.e. is overridden or deleted accordingly.ImportMode.UPDATEExisting content is updated. Existing content is replaced, new content is added and none is deleted.ImportMode.MERGEExisting content is not modified, i.e. only new content is...

Views

1.3K

Likes

0

Replies

1
Re: SAML SSO not working when Path is changed from "/" to "/content/.." (in AEM 6.1)
Avatar
Validate 1
Level 2
abhishekb
Level 2

Likes

5 likes

Total Posts

46 posts

Correct Reply

3 solutions
Top badges earned
Validate 1
Boost 5
Boost 3
Boost 1
Affirm 3
View profile
abhishekb
- Adobe Experience Manager
The post back URL which you would've shared with your IDP needs to be /content/saml_login if you're setting the path property to /content.When you configure this handler for the path /content, this handler is not invoked if your IDP is sending the response token back to /saml_login

Views

917

Likes

0

Replies

0
Re: Regexp is not working in Apache Sling Referrer filter
Avatar
Validate 1
Level 2
abhishekb
Level 2

Likes

5 likes

Total Posts

46 posts

Correct Reply

3 solutions
Top badges earned
Validate 1
Boost 5
Boost 3
Boost 1
Affirm 3
View profile
abhishekb
- Adobe Experience Manager
Try this in a helloworld. I would imagine that filter uses something like this to verify the referrer hosts.Pattern.compile(your regex).matcher("your referer url - only http(s)://host:port").matches()

Views

549

Likes

0

Replies

0
Re: What is the best way to transfer some selected content from lower environment to production environment without manually creating a package in package manager.
Avatar
Validate 1
Level 2
abhishekb
Level 2

Likes

5 likes

Total Posts

46 posts

Correct Reply

3 solutions
Top badges earned
Validate 1
Boost 5
Boost 3
Boost 1
Affirm 3
View profile
abhishekb
- Adobe Experience Manager
If you have to copy to a lot of other servers (let's say prod publish farm), you could create a workflow package and then subject it to a WF which replicates to various servers.

Views

2.1K

Likes

0

Replies

0
Re: Unable to access libs/granite/csrf/token.json from an external application which is not in AEM
Avatar
Validate 1
Level 2
abhishekb
Level 2

Likes

5 likes

Total Posts

46 posts

Correct Reply

3 solutions
Top badges earned
Validate 1
Boost 5
Boost 3
Boost 1
Affirm 3
View profile
abhishekb
- Adobe Experience Manager
Rohit Nalla wrote... abhishekb wrote... That error suggests you didn't add http|https to the URL. Try accessing the token url directly from the browser and check if you see the token. If I access the token url directly(local instance publish - http://localhost:4503/libs/granite/csrf/token.json) from the browser it works fine. I am able to get the token ID. But from an external applications the token url is not working. Its throwing CORS error. Some how it needs to allow the external domain to ca...

Views

4.7K

Likes

0

Replies

0
Re: Unable to access libs/granite/csrf/token.json from an external application which is not in AEM
Avatar
Validate 1
Level 2
abhishekb
Level 2

Likes

5 likes

Total Posts

46 posts

Correct Reply

3 solutions
Top badges earned
Validate 1
Boost 5
Boost 3
Boost 1
Affirm 3
View profile
abhishekb
- Adobe Experience Manager
smacdonald2008 wrote... try writing a custom AEM Servlet that retrieves the data and then return the data as a GET request. If you're saying custom servlet for fetching the token, that will duplicating AEM's OOTB servlet. If you're saying GET request for the search query instead of POST (which makes sense for a search query), that is a design change and up to the OP.

Views

4.7K

Likes

0

Replies

1
Re: Unable to access libs/granite/csrf/token.json from an external application which is not in AEM
Avatar
Validate 1
Level 2
abhishekb
Level 2

Likes

5 likes

Total Posts

46 posts

Correct Reply

3 solutions
Top badges earned
Validate 1
Boost 5
Boost 3
Boost 1
Affirm 3
View profile
abhishekb
- Adobe Experience Manager
That error suggests you didn't add http|https to the URL. Try accessing the token url directly from the browser and check if you see the token.

Views

4.7K

Likes

0

Replies

3
Re: SAML/Okta Integration without storing Users
Avatar
Validate 1
Level 2
abhishekb
Level 2

Likes

5 likes

Total Posts

46 posts

Correct Reply

3 solutions
Top badges earned
Validate 1
Boost 5
Boost 3
Boost 1
Affirm 3
View profile
abhishekb
- Adobe Experience Manager
Shouldn't the login screen be that of the IDP instead of SP in a SAML auth mechanism ? Is your IDP supporting HTTP POST binding? Otherwise check if it supports WS Trust.

Views

997

Likes

0

Replies

0
Re: Segments editor in Touch UI
Avatar
Validate 1
Level 2
abhishekb
Level 2

Likes

5 likes

Total Posts

46 posts

Correct Reply

3 solutions
Top badges earned
Validate 1
Boost 5
Boost 3
Boost 1
Affirm 3
View profile
abhishekb
- Adobe Experience Manager
AFAIK segmentation is still in classic in 6.1 and Adobe recommended us to stick with client context and not to use contexthub in 6.1.

Views

795

Likes

0

Replies

0
Re: OSGi bundles contained in content package under /apps/appname/install never gets installed
Avatar
Validate 1
Level 2
abhishekb
Level 2

Likes

5 likes

Total Posts

46 posts

Correct Reply

3 solutions
Top badges earned
Validate 1
Boost 5
Boost 3
Boost 1
Affirm 3
View profile
abhishekb
- Adobe Experience Manager
Jörg Hoh wrote... Hi, please clear any node below /system/sling/installer/jcr/pauseInstallation. And as second step please raise a ticket with Daycare support and ask for a hotfix (there is one, just don't remember the number). Jörg We were given this hotfix (CQ-6.1.0-HOTFIX-9336) back in Feb by daycare for the pauseinstallation node clearing issue.

Views

658

Likes

0

Replies

0
Re: AEM 6.2 - Dam Assets information
Avatar
Validate 1
Level 2
abhishekb
Level 2

Likes

5 likes

Total Posts

46 posts

Correct Reply

3 solutions
Top badges earned
Validate 1
Boost 5
Boost 3
Boost 1
Affirm 3
View profile
abhishekb
- Adobe Experience Manager
I use this query regularly to get this information in json format. It works great at all path levels.http://localhost:8051/bin/querybuilder.json?type=dam:Asset&path=/content/dam&p.limit=-1

Views

2.3K

Like

1

Replies

0
Re: Using Same OSGI Service at Multiple Times
Avatar
Validate 1
Level 2
abhishekb
Level 2

Likes

5 likes

Total Posts

46 posts

Correct Reply

3 solutions
Top badges earned
Validate 1
Boost 5
Boost 3
Boost 1
Affirm 3
View profile
abhishekb
- Adobe Experience Manager
I think an Osgi configuration factory is what you are likely looking for. Here is a good reference on how to create those https://cqdump.wordpress.com/2014/08/05/managing-multiple-instances-of-services-osgi-service-factories/And you should not give authors access to your Felix console. Admins should be doing that.

Views

978

Likes

0

Replies

0
Re: 6.1 saml authenticator infinite loop
Avatar
Validate 1
Level 2
abhishekb
Level 2

Likes

5 likes

Total Posts

46 posts

Correct Reply

3 solutions
Top badges earned
Validate 1
Boost 5
Boost 3
Boost 1
Affirm 3
View profile
abhishekb
- Adobe Experience Manager
1. Compare the public certificate of the new IDP with the one uploaded in AEM which is resolved by the alias in the SAML handler config.2. It appears you're using encrypted assertions. Ensure the encryption and decryption keys are correctly configured between AEM and IDP.

Views

825

Likes

0

Replies

0
Re: AEM SAML Authentication and Group assignation
Avatar
Validate 1
Level 2
abhishekb
Level 2

Likes

5 likes

Total Posts

46 posts

Correct Reply

3 solutions
Top badges earned
Validate 1
Boost 5
Boost 3
Boost 1
Affirm 3
View profile
abhishekb
- Adobe Experience Manager
Because that's the standard where same attribute shouldn't come under two different attribute names. If your SAML provider is not following the standard, you shouldn't expect AEM or any other product to handle that.If you want to make a user admin along with SAML SSO, I will suggest to create a custom group in your IDP. And make that group as a member of OOTB administrators group. You should read more about user privileges at [1].[1] https://docs.adobe.com/docs/en/aem/6-2/administer/security/sec...

Views

1.6K

Likes

0

Replies

0
Re: AEM SAML Authentication and Group assignation
Avatar
Validate 1
Level 2
abhishekb
Level 2

Likes

5 likes

Total Posts

46 posts

Correct Reply

3 solutions
Top badges earned
Validate 1
Boost 5
Boost 3
Boost 1
Affirm 3
View profile
abhishekb
- Adobe Experience Manager
kk krish wrote... Yes, Default group assignation is ok. But overriding the existing user assigned groups is a little weird. Any how i have one more curious question that how can we configure more than one Group Membership names in AEM, if my SAML assertion is capable sending multiple parameter names with respective groups? This is not weird. Your IDP is responsible for the user's profile (which includes user groups among other things). With this configuration you make the IDP as the central syst...

Views

1.6K

Likes

0

Replies

0
Re: AEM SAML Authentication and Group assignation
Avatar
Validate 1
Level 2
abhishekb
Level 2

Likes

5 likes

Total Posts

46 posts

Correct Reply

3 solutions
Top badges earned
Validate 1
Boost 5
Boost 3
Boost 1
Affirm 3
View profile
abhishekb
- Adobe Experience Manager
Yes. that's the expected behavior. You can have some default groups to which all users will be added to when they land in AEM.

Views

1.6K

Likes

0

Replies

0
Re: AEM SAML Authentication and Group assignation
Avatar
Validate 1
Level 2
abhishekb
Level 2

Likes

5 likes

Total Posts

46 posts

Correct Reply

3 solutions
Top badges earned
Validate 1
Boost 5
Boost 3
Boost 1
Affirm 3
View profile
abhishekb
- Adobe Experience Manager
As Justin said, this is supported OOTB with proper configuration. You need to configure the SAML handler for adding user to groups and the parameter name which will contain groups in the assertion. You also need to have those groups pre-created in AEM

Views

1.6K

Likes

0

Replies

0
Re: SAML Integration failing on post back to AEM
Avatar
Validate 1
Level 2
abhishekb
Level 2

Likes

5 likes

Total Posts

46 posts

Correct Reply

3 solutions
Top badges earned
Validate 1
Boost 5
Boost 3
Boost 1
Affirm 3
View profile
abhishekb
- Adobe Experience Manager
I did not have to make any change in this setting when I configured SAML. I just checked this config after reading your post. Its set to enable auth for root path /. I don't recall making any change here.

Views

3.8K

Like

1

Replies

2
Re: tarmk-coldstandby.log keeps on increasing for AEM6.1
Avatar
Validate 1
Level 2
abhishekb
Level 2

Likes

5 likes

Total Posts

46 posts

Correct Reply

3 solutions
Top badges earned
Validate 1
Boost 5
Boost 3
Boost 1
Affirm 3
View profile
abhishekb
- Adobe Experience Manager
This doesn't necessarily means a problem. Primary and standby instances must be syncing. If there are error logs, post those and then we can look at the problem. If log size is a problem, you can change the log level for tarmk-coldstandby.log.

Views

615

Likes

0

Replies

0
Re: SAML Integration failing on post back to AEM
Avatar
Validate 1
Level 2
abhishekb
Level 2

Likes

5 likes

Total Posts

46 posts

Correct Reply

3 solutions
Top badges earned
Validate 1
Boost 5
Boost 3
Boost 1
Affirm 3
View profile
abhishekb
- Adobe Experience Manager
What is the post back URL ? If you've configured the SAML handler for intercepting the path /abc/def, the post back URL has to be /abc/def/saml_login. I've made this mistake in the past. Unfortunately this is not documented. I hope you've taken care of this.

Views

3.8K

Like

1

Replies

4
Re: SAML login in AEM6.1 ended up with 500 not modifiable error and some times infinite loop
Avatar
Validate 1
Level 2
abhishekb
Level 2

Likes

5 likes

Total Posts

46 posts

Correct Reply

3 solutions
Top badges earned
Validate 1
Boost 5
Boost 3
Boost 1
Affirm 3
View profile
abhishekb
- Adobe Experience Manager
How does your SAML handler config look like ? can you pls share some info.

Views

1.1K

Likes

0

Replies

0
Re: Rejected referrer header for POST request to /crx/de/j_security_check
Avatar
Validate 1
Level 2
abhishekb
Level 2

Likes

5 likes

Total Posts

46 posts

Correct Reply

3 solutions
Top badges earned
Validate 1
Boost 5
Boost 3
Boost 1
Affirm 3
View profile
abhishekb
- Adobe Experience Manager
that'd be Referer Filter config

Views

1.2K

Likes

0

Replies

0
Re: Page access with sling alias
Avatar
Validate 1
Level 2
abhishekb
Level 2

Likes

5 likes

Total Posts

46 posts

Correct Reply

3 solutions
Top badges earned
Validate 1
Boost 5
Boost 3
Boost 1
Affirm 3
View profile
abhishekb
- Adobe Experience Manager
Yes, my testing and observation is inline with the pseudo code in that documentation. So my understanding is that if Sling doesn't finds the exact path in the repo, it will start drilling down from root for a matching alias. And if the user doesn't have access to the root, it will fail at that first step and return 404.

Views

944

Likes

0

Replies

0
Page access with sling alias
Avatar
Validate 1
Level 2
abhishekb
Level 2

Likes

5 likes

Total Posts

46 posts

Correct Reply

3 solutions
Top badges earned
Validate 1
Boost 5
Boost 3
Boost 1
Affirm 3
View profile
abhishekb
- Adobe Experience Manager
Hi, I have a user who has read only access to all nodes under this path. /content/folder1/I have a page like this. /content/folder1/folder2/mywebsite/pagegroupA/demo.html. folder1/folder2 are sling:OrderedFolder and pagegroupA, demo are both of type cq:Page. The user can access the page with /content/mywebsite/pagegroupA/demo.html.If I add a sling:alias property testAlias to demo node, the user cannot access the page with /content/mywebsite/pagegroupA/testAlias.html. Sling is not able to resolve...

Views

1.8K

Likes

0

Replies

3
Re: Can't reload configuration from crx (for https service)
Avatar
Validate 1
Level 2
abhishekb
Level 2

Likes

5 likes

Total Posts

46 posts

Correct Reply

3 solutions
Top badges earned
Validate 1
Boost 5
Boost 3
Boost 1
Affirm 3
View profile
abhishekb
- Adobe Experience Manager
That is strange. I've played with this 2 months back on 6.1 with no issues. Can you check if there is a random node created under this path /system/sling/installer/jcr/pauseInstallation? If this path is clean, can you try configuring ssl from the console "Apache Felix Jetty Based Http Service"

Views

2.4K

Likes

0

Replies

5
Re: Can't reload configuration from crx (for https service)
Avatar
Validate 1
Level 2
abhishekb
Level 2

Likes

5 likes

Total Posts

46 posts

Correct Reply

3 solutions
Top badges earned
Validate 1
Boost 5
Boost 3
Boost 1
Affirm 3
View profile
abhishekb
- Adobe Experience Manager
ideally you shouldn't even need a restart. the updated config should be picked up. you should see logs about jetty service restarting and then listening to the configured port. Is the server still listening to requests at the old port ?

Views

2.4K

Likes

0

Replies

7
Re: We want to bypass the AEM credentials to display images from author outside of AEM for preview
Avatar
Validate 1
Level 2
abhishekb
Level 2

Likes

5 likes

Total Posts

46 posts

Correct Reply

3 solutions
Top badges earned
Validate 1
Boost 5
Boost 3
Boost 1
Affirm 3
View profile
abhishekb
- Adobe Experience Manager
I have come across this situation and this is what we ended up with.Have a publish server acting as your preview server. Build a workflow process to replicate assets to that preview instance. Have your preview PHP site connect that AEM preview publish instance for assets. Ask your authors/users to run that workflow for preview capabilities.

Views

8.5K

Like

1

Replies

1
Re: AEM 6.1 - issue with SAML configuration
Avatar
Validate 1
Level 2
abhishekb
Level 2

Likes

5 likes

Total Posts

46 posts

Correct Reply

3 solutions
Top badges earned
Validate 1
Boost 5
Boost 3
Boost 1
Affirm 3
View profile
abhishekb
- Adobe Experience Manager
This error suggests issue with the saml token coming in from your idp. In your config screenshot, you're configuring this handler to intercept requests made only to /saml_login and below bath. Is that intended ? Generally this path is used to register with the IDP

Views

1.8K

Likes

0

Replies

0
Re: Need help in resolving and understanding com.adobe.granite.csrf.impl.CSRFFilter doFilter: the provided CSRF token is invalid in AEM 6.1
Avatar
Validate 1
Level 2
abhishekb
Level 2

Likes

5 likes

Total Posts

46 posts

Correct Reply

3 solutions
Top badges earned
Validate 1
Boost 5
Boost 3
Boost 1
Affirm 3
View profile
abhishekb
- Adobe Experience Manager
Have you added the necessary csrf client lib(granite.csrf.standalone) as dependency to your form component ? Check details here.https://docs.adobe.com/docs/en/aem/6-1/develop/security/csrf-protection.html

Views

1.2K

Likes

0

Replies

0
Likes given to
Likes from