Saturday, November 29, 2014

User name and password do not match error while accessing CRXDE - Adobe CQ5

Sometimes we may receive User name and password do not match error while accessing the CRXDE and also Authentication Failed error while accessing the Adobe CQ5 configMgr.

We will be receiving this error if the anonymous user account is deleted accidentally.
This can be fixed by restarting the repository, anonymous user account will be re-created upon repository restart.

Wednesday, November 12, 2014

Enabling SSL in Dispatcher with self signed certificate - Adobe CQ5

This post will explain how to Enabling SSL in Dispatcher with self signed certificate in Adobe CQ5

Generating Self signed certificate:

Create a folder ssl under /etc/httpd/ directory.
Generate server.key and server.crt file by running the following command:

openssl req -new -x509 -sha1 -newkey rsa:1024 \
-nodes -keyout /etc/httpd/ssl/server.key -out /etc/httpd/ssl/server.crt \
-subj '/O=<Organization>/OU=<Department>/CN= <Common Name>'

Change the <Organization>, <Department> and <Common Name> accordingly.

Install by running the following command
yum install mod_ssl

Modify the VirtualHost in /etc/httpd/conf.d/ssl.conf file with the host name.


Also, specify the server certificate and key path in the below properties.

SSLCertificateFile /etc/httpd/ssl/server.crt
SSLCertificateKeyFile /etc/httpd/ssl/server.key

Restart the Apache HTTP Server,now we can able to access the urls through https.

Configuring SAML SSO for Adobe CQ5

Configuring SAML SSO for Adobe CQ5

Navigate to the web console: http://HOST:4502/system/console/configMgr

Expand Apache Sling Referrer Filter

Add the SAML SSO server host name to the Allowed Hosts section (depending on the authoring environment you are configuring), Check the Allow Empty checkbox and Click Save.

Expand Adobe Granite SAML 2.0 Authentication Handler

Configured the required details for authentication

    Service Ranking
    IDP HTTP Redirect
    Unchecked - Use an HTTP Redirect to the IDP URL instead of sending an AuthnRequest-message to request credential
    Service Provider Entity ID
    Default Redirect
    User ID Attribute
    UserID - The name of the attribute containing the user ID used to authenticate and create the user in the CRX repository
    Use Encryption
    Unchecked - Whether or not this authentication handler expects encrypted SAML assertions
    Autocreate CRX Users
    Unchecked - Whether or not to autocreate nonexisting users in the repository
    Add to Groups
    Unchecked - Whether or not a user should be autmatically added to CRX groups after successful authentication
    Group Membership
    <empty--no value> - The name of the attribute containing a list of CRX groups this user should be added to
    NameIDPolicy Format
    urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified - The value of the NameIDPolicy format parameter to send in the AuthnRequest message.

Click Save

Add the SAML certificate:
Log into the Authoring server using ssh .
Create a file called /tmp/idp.pem on the Authoring server, and paste the contents of certificate into the file. Save the file.

Run this command to push the certificate into AEM, replacing PASSWORD with the admin password:
curl -u admin:PASSWORD -F idp_cert=\<idp.pem -F idp_cert@TypeHint=Binary http://localhost:4502/etc/key/saml

Browse to the AEM server (http://HOST:4502/)and you should be redirected to SSO server for authentication and send to AEM screen upon successful authentication(http://HOST:4502/)).

Monday, November 10, 2014

Referencing the services between OSGI bundles – AEM

This post explains how to refer the services between OSGI bundles in Adobe Experience Manager.

Bundles may export zero or more packages from the JAR to be consumable by other bundles. The export list is a comma-separated list of fully-qualified packages, often with a version attribute. If not specified, the version defaults so 0.0.0.

In the target bundle the packages contains the required services and the classes exposed to the other bundles should be exported.

The Import-Package header is used to declare dependencies at a package level from the bundle. At runtime, the bundle will be wired up with whatever (compatible) bundle offers the package.

In the source bundle the packages contains the required services and classes referred from other bundle should be imported.

The following two approaches can be used to refer the services from other bundle.
Through Reference
private CommerceServiceFactory sFactory;

Through bundle context
BundleContext bundleContext = FrameworkUtil.getBundle(this.getClass()).getBundleContext();
CommerceServiceImpl factoryFromBundle=(CommerceServiceImpl)bundleContext.getService(bundleContext.getServiceReference(CommerceServiceFactory.class)).getCommerceService();

Contact Form


Email *

Message *