Monday, July 2, 2018

HTTPS URL is resulting with 404 - Adobe Experience Manager

HTTPS URL is resulting with 404 - Adobe Experience Manager


Recently, we have faced the issue with https URL's, the URL's with masked path (/en/test.html) is not working with https protocol.

However, the unmasked (/content/site/en/test.html) URL is working, also http URL is working without any issues.

Based on our analysis, it looks to be the system is not honoring the /etc/map.publish/https mapping for https request and due to that the content path(without full path - /en/test.html) is not accessible and 404 is displayed

Our case the request is https from browser and the Load Balancer terminate the SSL and forward the request to dispatcher - Load Balancer notify the dispatcher that the initial request is https via header X-Forwarded-Proto (this header value differs based on the load balancer)

The dispatcher send the request to publisher with required headers and publisher consider the request as https based on the above header and match the Resource Mapping accordingly - /etc/map.publish/https

The 404 will be displayed for masked URL's if publisher not able to match the /etc/map.publish/https for incoming request.

How to resolve?


Option1:


  • Match the SSL Filter settings to those expected from the entity where SSL is terminated (Load Balancer). You can check these values forwarded in the dispatcher.log file and make sure they match to those of the SSL Filter. Configure the SSL Filter (Apache Felix Http Service SSL Filter) in Publisher with SSL forward header and value
SSL_Filter_https_aem

  • Allow the following headers in dispatcher farm file /clientheaders section, if /clientheaders section is not set to allow all

          X-Forwarded-Proto (this header value change based on the Load balancer)
               - other known values X-FORWARDED-SSL, X-Forwarded-Protocol and Front-End-Https
          X-Forwarded-Port
  • White list the SSL headers mentioned above in CDN, if CDN is enabled in the flow.

Option2:


Disallow the SSL forward headers in dispatcher farm file /clientheaders section; disallow the following header - X-Forwarded-Proto in /clientheaders section, review the "Apache Felix Http Service SSL Filter" in publisher to identify the exact header value used to identify the forwarded SSL request.

This allow the publisher to consider the request as http and match the /etc/map.publish/http node for incoming requests. 

In cases the SSL is terminated at the Web server, follow the below steps:


At the bottom of the httpd.conf add the following configuration: RequestHeader set X-Forwarded-Port "-1"

Allow the X-Forwarded-Port header in dispatcher farm file if /clientheaders section is not set to allow all 
Posted by at No comments:
Labels:

Wednesday, June 13, 2018

Resolving the issues while migrating the packages between Adobe Experience Manager instances(AEM)

Resolving the issues while migrating the packages between Adobe Experience Manager instances(AEM)


This is a common scenario to migrate the packages between AEM instances, some times we may face issues while building or uploading the big packages.

This post explains the details to resolve the issues observed while building or uploading the big packages between AEM instances

java.io.IOException: No space left on device while building the package:


The "java.io.IOException: No space left on device" error will be thrown while building big packages in AEM server without having sufficient space available in /tmp folder.

java.io.IOException: No space left on device
at java.io.FileOutputStream.writeBytes(Native Method)
at java.io.FileOutputStream.write(FileOutputStream.java:326)
at java.util.zip.DeflaterOutputStream.deflate(DeflaterOutputStream.java:253)
at java.util.zip.DeflaterOutputStream.write(DeflaterOutputStream.java:211)
at java.util.zip.ZipOutputStream.write(ZipOutputStream.java:331)
at org.apache.commons.io.output.ProxyOutputStream.write(ProxyOutputStream.java:90)
at org.apache.commons.io.IOUtils.copyLarge(IOUtils.java:1793)
at org.apache.commons.io.IOUtils.copyLarge(IOUtils.java:1769)
at org.apache.commons.io.IOUtils.copy(IOUtils.java:1744)
at org.apache.jackrabbit.vault.fs.io.JarExporter.writeFile(JarExporter.java:128)
at org.apache.jackrabbit.vault.fs.io.AbstractExporter.export(AbstractExporter.java:216)
at org.apache.jackrabbit.vault.fs.io.AbstractExporter.export(AbstractExporter.java:214)
at org.apache.jackrabbit.vault.fs.io.AbstractExporter.export(AbstractExporter.java:214)
at org.apache.jackrabbit.vault.fs.io.AbstractExporter.export(AbstractExporter.java:214)
at org.apache.jackrabbit.vault.fs.io.AbstractExporter.export(AbstractExporter.java:214)
at org.apache.jackrabbit.vault.fs.io.AbstractExporter.export(AbstractExporter.java:214)
at org.apache.jackrabbit.vault.fs.io.AbstractExporter.export(AbstractExporter.java:214)
at org.apache.jackrabbit.vault.fs.io.AbstractExporter.export(AbstractExporter.java:214)
at org.apache.jackrabbit.vault.fs.io.AbstractExporter.export(AbstractExporter.java:214)
at org.apache.jackrabbit.vault.fs.io.AbstractExporter.export(AbstractExporter.java:214)
at org.apache.jackrabbit.vault.fs.io.AbstractExporter.export(AbstractExporter.java:184)
at org.apache.jackrabbit.vault.packaging.impl.PackageManagerImpl.assemble(PackageManagerImpl.java:142)
at org.apache.jackrabbit.vault.packaging.impl.PackageManagerImpl.assemble(PackageManagerImpl.java:96)
at org.apache.jackrabbit.vault.packaging.impl.JcrPackageManagerImpl.assemble(JcrPackageManagerImpl.java:594)
at org.apache.jackrabbit.vault.packaging.impl.JcrPackageManagerImpl.assemble(JcrPackageManagerImpl.java:574)
at com.day.crx.packaging.impl.J2EEPackageManager.consoleBuild(J2EEPackageManager.java:291)
at com.day.crx.packaging.impl.J2EEPackageManager.doPost(J2EEPackageManager.java:176)
at com.day.crx.packaging.impl.PackageManagerServlet.doPost(PackageManagerServlet.java:156)

no_space_left_on_device_aem_package

Read more »
Posted by at No comments:
Labels:

Wednesday, May 30, 2018

Exceptions/Issues while configuring SAML Authentication Handler - Adobe Experience Manager(AEM)

Exceptions/Issues while configuring SAML Authentication Handler - Adobe Experience Manager(AEM)


This post explains the Exceptions/Issues received while configuring the SAML authentication handler and the fixes to overcome the issues.

Issue1:


Problem accessing /saml_login. Reason:
com.adobe.granite.keystore.KeyStoreNotInitialisedException: Uninitialised system trust store.

uninitialized-system-trust-store


14.05.2018 11:24:39.988 *WARN* [qtp1134377453-62] org.eclipse.jetty.servlet.ServletHandler /saml_login
com.adobe.granite.keystore.KeyStoreNotInitialisedException: Uninitialised system trust store.
at com.adobe.granite.keystore.internal.KeyStoreServiceImpl.internalGetTrustStore(KeyStoreServiceImpl.java:462)
at com.adobe.granite.keystore.internal.KeyStoreServiceImpl.getTrustStore(KeyStoreServiceImpl.java:151)
at com.adobe.granite.auth.saml.SamlAuthenticationHandler.handleLogin(SamlAuthenticationHandler.java:577)
at com.adobe.granite.auth.saml.SamlAuthenticationHandler.extractCredentials(SamlAuthenticationHandler.java:348)
at org.apache.sling.auth.core.impl.AuthenticationHandlerHolder.doExtractCredentials(AuthenticationHandlerHolder.java:75)
at org.apache.sling.auth.core.impl.AbstractAuthenticationHandlerHolder.extractCredentials(AbstractAuthenticationHandlerHolder.java:60)
at org.apache.sling.auth.core.impl.SlingAuthenticator.getAuthenticationInfo(SlingAuthenticator.java:709)
at org.apache.sling.auth.core.impl.SlingAuthenticator.doHandleSecurity(SlingAuthenticator.java:461)
at org.apache.sling.auth.core.impl.SlingAuthenticator.handleSecurity(SlingAuthenticator.java:446)
at org.apache.sling.engine.impl.SlingHttpContext.handleSecurity(SlingHttpContext.java:121)
at org.apache.felix.http.base.internal.context.ServletContextImpl.handleSecurity(ServletContextImpl.java:339)
at org.apache.felix.http.base.internal.handler.ServletHandler.doHandle(ServletHandler.java:334)
at org.apache.felix.http.base.internal.handler.ServletHandler.handle(ServletHandler.java:297)
at org.apache.felix.http.base.internal.dispatch.ServletPipeline.handle(ServletPipeline.java:93)
at org.apache.felix.http.base.internal.dispatch.InvocationFilterChain.doFilter(InvocationFilterChain.java:50)
at org.apache.felix.http.base.internal.dispatch.HttpFilterChain.doFilter(HttpFilterChain.java:31)
at org.apache.sling.i18n.impl.I18NFilter.doFilter(I18NFilter.java:129)


Problem accessing /saml_login. Reason:
com.adobe.granite.keystore.KeyStoreNotInitialisedException: Uninitialised key store for user authentication-service

Uninitialised-Keystore-authentication-service

Read more »
Posted by at 1 comment:
Labels:

Thursday, May 3, 2018

io.jsonwebtoken,version=[0.7,1) -- Cannot be resolved - Adobe Experience Manager(AEM)

io.jsonwebtoken,version=[0.7,1) -- Cannot be resolved - Adobe Experience Manager(AEM) 

I was getting the below exception while using the io.jsonwebtoken dependency in the bundle and the bundle was in Installed state.

org.osgi.framework.BundleException: Unresolved constraint in bundle com.test [452]: Unable to resolve 452.5: missing requirement [452.5] osgi.wiring.package; (&(osgi.wiring.package=io.jsonwebtoken)(version>=0.7.0)(!(version>=1.0.0)))
at org.apache.felix.framework.Felix.resolveBundleRevision(Felix.java:4095)
at org.apache.felix.framework.Felix.startBundle(Felix.java:2114)
at org.apache.felix.framework.BundleImpl.start(BundleImpl.java:977)
at org.apache.felix.framework.BundleImpl.start(BundleImpl.java:964)
at org.apache.sling.installer.core.impl.tasks.BundleStartTask.execute(BundleStartTask.java:93)
at org.apache.sling.installer.core.impl.OsgiInstallerImpl.doExecuteTasks(OsgiInstallerImpl.java:847)
at org.apache.sling.installer.core.impl.OsgiInstallerImpl.executeTasks(OsgiInstallerImpl.java:689)
at org.apache.sling.installer.core.impl.OsgiInstallerImpl.run(OsgiInstallerImpl.java:265)
at java.lang.Thread.run(Unknown Source)

The below dependency is added into pom.xml

<dependency>
<groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt</artifactId>
<version>0.7.0</version>
</dependency>


Steps to fix:


Configure the maven-bundle-plugin as shown below

<plugin>
    <groupId>org.apache.felix</groupId>
    <artifactId>maven-bundle-plugin</artifactId>
    <extensions>true</extensions>
<configuration>
<instructions>
<Import-Package>
!android.util;resolution:=optional,
!com.fasterxml.jackson.core;resolution:=optional,
!com.fasterxml.jackson.databind;resolution:=optional,
!org.bouncycastle.jce;resolution:=optional,
!org.bouncycastle.jce.spec;resolution:=optional,
javax.inject;version=0.0.0,*
</Import-Package>
<Embed-Dependency>jjwt;inline=true</Embed-Dependency>
<Embed-Transitive>true</Embed-Transitive>
</instructions>
    </configuration>
</plugin>
Posted by at 2 comments:
Labels:

Tuesday, April 24, 2018

How to handle the request parameter encoding(charset) in Adobe Experience Manager(AEM)

How to handle the request parameter encoding(charset) in Adobe Experience Manager(AEM)


The default value for the parameter encoding in AEM is UTF8 — The default request parameter encoding used to decode request parameters into strings.

The configured parameter encoding value e.g UTF8 is used to decode the request parameters to string.

Sometimes we may need to change the default parameter encoding in Adobe Experience Manager(AEM) to handle different language characters.

This tutorial explains the approach to change the default parameter encoding to required values e.g UTF8, ISO-8859–1 etc

The request parameter can be changed by following either one of the below approach
  • Apache Sling Request Parameter Handling
  • Change the encoding for specific form

Apache Sling Request Parameter Handling


The request parameter encoding can be changed through the following OSGI configuration — “Apache Sling Request Parameter Handling”. This is the global configurations and impact all the request parameter handling(decoding)

“Default Parameter Encoding” — The default request parameter encoding used to decode request parameters into strings. If this property is not set the default encoding is ‘ISO-8859–1’ as mandated by the Servlet API spec. This default encoding is used if the ‘_charset_’ request parameter is not set to another (supported) character encoding. Applications being sure to always use the same encoding (e.g. UTF-8) can set this default here and may omit the ‘_charset_’ request parameter (sling.default.parameter.encoding)

The AEM server configures UTF-8 as the default parameter, ‘ISO-8859–1’ is considered as default encoding if this field is empty.



Change the value of “Default Parameter Encoding” to required values — e.g UTF-8/ISO-8859–1

Change the encoding for specific form


The request parameter can be changed to specific form by following the below steps

Add the parameter “_charset_” as a hidden field with required encoding value inside the form.

<form role=”form” id=”test” action=”xxxxx” method=”POST” accept-charset=”ISO-8859–1" onsubmit=”document.charset = ‘ISO-8859–1’”>
<input type=”hidden” id=”_charset_” name=”_charset_” value=”ISO-8859–1"/>
……..
……..
</form>

accept-charset=”ISO-8859–1" — specifies the character encoding that to be used for the form submission(non IE browsers)

“document.charset = ‘ISO-8859–1’” — specifies the character encoding that to be used for the form submission(Configuration for IE browser)

This will change the encoding of this particular form, different encoding can be specified page level and form level only to handle the data.
Posted by at No comments:
Labels:

Wednesday, April 18, 2018

How to implement extension-less URL's in Adobe Experience Manager(AEM)

How to implement extension-less URL's in Adobe Experience Manager(AEM)

As per the SEO best practices it is better to define extension less URL's to boost the ranking, AEM require the extension to understand and serve incoming request.

This post explains the approach to achieve the extension less URL in Adobe Experience Manager(AEM)

There are two steps

- Rule Configuration Dispatcher
       Remove .html extension from incoming URL with /
Append the .html while invoking the publisher for the URL's ending with /

- AEM etc/map configuration
      Reverse mapping to rewrite the html URL in the pages to extension less
      Forward mapping to map the incoming request to resource

This is tested in AEM 6.2 version

Apache configurations:


#Handle the landing page
RewriteRule ^/$ /en/ [R=301,L]
#Mask the /content/geometrixx-outdoors path
RewriteRule ^/content/geometrixx-outdoors/(.*)(\.html)?$ /$1 [NE,L,R=301]

#Replace the .html with /
RewriteCond %{REQUEST_URI} \.html$
RewriteRule ^/(.*).html$ /$1/ [R=301,L,QSA]

#Append the .html for those URL's ending with / before sending to publisher
RewriteCond %{REQUEST_URI} !^/$
RewriteRule ^/(.*)/$ /$1.html [PT,L,QSA]

Publisher etc/map configurations:


Create a node localhost.8080(replace with required DNS and port) of type sling:Mapping under /etc/map/http or /etc/map/https based on the protocol used

Add the following property

sling:internalRedirect[] - /content/geometrixx-outdoors

<?xml version="1.0" encoding="UTF-8"?>
<jcr:root xmlns:sling="http://sling.apache.org/jcr/sling/1.0" xmlns:jcr="http://www.jcp.org/jcr/1.0"
    jcr:primaryType="sling:Mapping"
    sling:internalRedirect="[/content/geometrixx-outdoors]">
    <redirect/>
    <reverse/>
</jcr:root>

AEM-extension-less-URL


Read more »
Posted by at No comments:
Labels:

Sunday, April 1, 2018

Different approaches to perform Vanity/Redirect URL management in Adobe Experience Manager(AEM)

Different approach to perform Vanity/Redirect URL management in Adobe Experience Manager(AEM)

In Adobe Experience Manager there is no centralized management UI to manage the Vanity/Redirect URL's also the vanity/Redirects are added into multiple places like Apache and AEM.

This post will explain the different approach to manage the Vanity/Redirect URL through centralized management UI.

Option1: Manage the Vanity URL's through VanityPath page property

  • Build a UI application to read vanityPath properties from the repository content nodes and enable management options - Add, Delete, Modification
  • Refer the following URL for details on this approach - https://helpx.adobe.com/experience-manager/using/vanitypath.html(only working in 6.1)
  • Whitelist vanity paths in dispatcher - https://helpx.adobe.com/experience-manager/dispatcher/using/dispatcher-configuration.html#EnablingAccesstoVanityURLsvanityurls
The same approach can be followed to manage the redirect path enabled in AEM

Vanity URL's are handled in AEM so all the request reaches AEM publisher

Option2 - Manage the Vanity/redirects through AEM UI on XML and redirect through Java Filter


VanityURL_Redirect_Java_Filter


Store the vanity and redirects mapping in a XML file with in AEM repository

<rules>
<rule>
<siteName></siteName>
<code></code>
<sourcePath></sourcePath>
<target></target>

</rule>
<rules>

  • Build a UI application to manage the redirects in the file - modify/remove and add new rules
  • Replicate the mapping XML to publisher on every modification through replication API
  • Build a Java filter that will redirect to the target URL if the vanity path is defined in the XML file(the filter should be restricted only required path)
  • Whitelist the vanitypaths in Apache – Expose the vanitypaths through custom URL(Servlet expose the list of vanity URLs by parsing the XML) and configure the URL in Apache for whitelisting(Refer https://helpx.adobe.com/experience-manager/dispatcher/using/dispatcher-configuration.html#EnablingAccesstoVanityURLsvanityurls for apache configuration, the vanity list URL should be custom)

Vanity/Redirects are handled in AEM so all the request reaches AEM publisher

Read more »
Posted by at No comments:
Labels:
Subscribe to: Posts (Atom)