25793466
Re: Encrypted OSGI configuration properties - Adobe Experience Manager 16-10-2018
That is indeed what I was looking for. It works in 6.3 also, even though the documentation seems to be for 6.4. When you view the configuration through the CRX, the value will show the encrypted text. Then AEM magically decrypts it before it is sent to the service or external component. I guess every time a configuration is invoked, AEM reviews all the properties looking for a pattern so it knows to decrypt it.

Views: 991, Likes: 0, Replies: 0
Re: Restricting Query Strings in dispatcher.any not working - Adobe Experience Manager 10-10-2018
It turns out there is an issue with the dispatcher version we are using. I don't know if it affects all platforms, but it is not working correctly on 4.2.0 on IIS, x64 non-ssl version. I tested the same exact dispatcher configuration (dispatcher.any) on the latest dispatcher (v4.2.3) and the filter rules are working correctly with query strings.

Views: 2.0K, Likes: 0, Replies: 0
Encrypted OSGI configuration properties - Adobe Experience Manager 05-10-2018
It appears this is available starting in 6.3. From the 6.3 release notes: "Support for all OSGI configuration properties to be stored in a protected encrypted form instead of clear text." How do you enable this or is it done automatically? What I am really looking for is the LDAP Identity Provider bind password to be masked when I view through the CRX. In 6.3, I am still seeing it in clear text. Perhaps that's not what this feature is intended to do.

Views: 1.2K, Likes: 1, Replies: 2
Re: Store and deploy secure OSGI configuration for OOTB AEM services - Adobe Experience Manager 01-08-2018
It appears this indeed is available starting in 6.3. From the 6.3 release notes: "Support for all OSGI configuration properties to be stored in a protected encrypted form instead of clear text." How do you enable this or is it done automatically? What I am really looking for is the LDAP Identity Provider bind password to be masked when I view through the CRX. In 6.3, I am still seeing it in clear text. Perhaps that's not what this feature is intended to do.

Views: 1.0K, Likes: 0, Replies: 0
Re: Restricting Query Strings in dispatcher.any not working - Adobe Experience Manager 25-07-2018
That didn't work. We run AEM within an application server and it's not possible to run at the root. (We even had ACS unsuccessfully attempt to change that). All of our /filter rules are prefixed with /mysite and we haven't had any issues since we launched the site over two years ago. I added a fourth rule to test your suggestion. /0004 { /type "allow" /method "GET" /url "/content/test/*" /query "a=*" } https://my.site.com/mysite/content/test/home.html?a=test does not work. It does work when rule...

Views: 1.8K, Likes: 0, Replies: 0
Re: Restricting Query Strings in dispatcher.any not working - Adobe Experience Manager 24-07-2018
I should have mentioned that. We are using 4.2.0 on IIS. x64 non-ssl version.

Views: 1.7K, Likes: 0, Replies: 0
Restricting Query Strings in dispatcher.any not working - Adobe Experience Manager 24-07-2018
I want to disable any URL with query strings but allow those that don't. The "Note:" section of Configuring Dispatcher says the following should work: /0001 { /type "deny" /method "*" /url "/mysite/content/test/*" } /0002 { /type "allow" /method "GET" /url "/mysite/content/test/*" } /0003 { /type "deny" /method "GET" /url "/mysite/content/test/*" /query "*" } When I try https://my.site.com/mysite/content/test/home.html, it is getting blocked /0003. It should work, given "If a rule contains a /query...

Views: 4.1K, Likes: 0, Replies: 7
Re: List all possible selectors and extensions for denial of service (DoS) attack mitigation - Adobe Experience Manager 23-07-2018
We do deny everything first. The first line of our dispatcher.any filter section is: /0001 { /type "deny" /glob "*" } Since there are several other sections of the security checklist devoted to the dispatcher, I thought this particular section ("Incorporate controls at the application level; Control the selectors in your application") was implying something additional can be done within the app as well. I'm just trying to be thorough.

Views: 1.3K, Likes: 0, Replies: 0
Re: List all possible selectors and extensions for denial of service (DoS) attack mitigation - Adobe Experience Manager 18-07-2018
Right. I know from that perspective. Our deployment has one package that I wrote, so I know our selectors. But I can imagine an application, perhaps poorly architected, that has many code packages where a developer might introduce a selector that could cause problems. It would be nice to query them from an administrative perspective to ensure compliance. And what about the out-of-the-box ones? I am assuming only the .html (Apache Sling Servlet/Script Resolver and Error Handler) and .json (Apache ...

Views: 1.4K, Likes: 0, Replies: 0
List all possible selectors and extensions for denial of service (DoS) attack mitigation - Adobe Experience Manager 17-07-2018
Under the guidance of the security checklist (Security Checklist: "Incorporate controls at the application level; Control the selectors in your application"), how would I determine all possible extensions and selectors that are running in my instance?

Views: 2.5K, Likes: 0, Replies: 5