GET 和 POST 不适用于 AEM CQ6.2 发布实例
GET and POST not working on AEM CQ6.2 Publish Instance
我正在使用 adobe aem cq 6 并使用 java 应用程序中的 HttpPost 创建用户。
此代码对于 author 实例 工作正常,但在 publish 上不工作实例.
JAVA代码
public static void createUser() throws IOException
{
CredentialsProvider credsProvider = new BasicCredentialsProvider();
credsProvider.setCredentials(
new AuthScope(AuthScope.ANY_HOST, AuthScope.ANY_PORT),
new UsernamePasswordCredentials("admin", "admin"));
CloseableHttpClient httpclient = HttpClients.custom()
.setDefaultCredentialsProvider(credsProvider)
.build();
HttpPost httpPost = new HttpPost("http://localhost:4503/libs/granite/security/post/authorizables");
List <NameValuePair> nvps = new ArrayList <NameValuePair>();
nvps.add(new BasicNameValuePair("createUser", ""));
nvps.add(new BasicNameValuePair("authorizableId", "dd90"));
nvps.add(new BasicNameValuePair("rep:password", "dd90"));
nvps.add(new BasicNameValuePair("profile/email", "dd90@hotmail.com"));
nvps.add(new BasicNameValuePair("intermediatePath", "/home/users/test/"));
httpPost.setEntity(new UrlEncodedFormEntity(nvps));
CloseableHttpResponse response2 = httpclient.execute(httpPost);
try {
System.out.println(response2.getStatusLine());
HttpEntity entity2 = response2.getEntity();
System.out.println(EntityUtils.toString(response2.getEntity()));
// do something useful with the response body
// and ensure it is fully consumed
EntityUtils.consume(entity2);
} finally {
response2.close();
}
}
我从 cq error.log
得到以下错误
POST /libs/granite/security/post/authorizables HTTP/1.1]
com.adobe.granite.security.user.internal.servlets.AuthorizableServlet
Error while processing AuthorizableServlet POST
javax.jcr.AccessDeniedException: null
at org.apache.jackrabbit.oak.util.NodeUtil.addChild(NodeUtil.java:113)
at org.apache.jackrabbit.oak.util.NodeUtil.getOrAddTree(NodeUtil.java:171)
at org.apache.jackrabbit.oak.security.user.UserProvider.createFolderNodes(UserProvider.java:306)
at org.apache.jackrabbit.oak.security.user.UserProvider.createAuthorizableNode(UserProvider.java:257)
at org.apache.jackrabbit.oak.security.user.UserProvider.createUser(UserProvider.java:185)
at org.apache.jackrabbit.oak.security.user.UserManagerImpl.createUser(UserManagerImpl.java:162)
at org.apache.jackrabbit.oak.jcr.delegate.UserManagerDelegator.perform(UserManagerDelegator.java:177)
at org.apache.jackrabbit.oak.jcr.delegate.UserManagerDelegator.perform(UserManagerDelegator.java:173)
at org.apache.jackrabbit.oak.jcr.delegate.SessionDelegate.perform(SessionDelegate.java:208)
at org.apache.jackrabbit.oak.jcr.delegate.UserManagerDelegator.createUser(UserManagerDelegator.java:173)
at com.adobe.granite.security.user.internal.servlets.AuthorizableServlet.create(AuthorizableServlet.java:800)
at com.adobe.granite.security.user.internal.servlets.AuthorizableServlet.doPost(AuthorizableServlet.java:707)
at org.apache.sling.api.servlets.SlingAllMethodsServlet.mayService(SlingAllMethodsServlet.java:149)
at org.apache.sling.api.servlets.SlingSafeMethodsServlet.service(SlingSafeMethodsServlet.java:345)
at org.apache.sling.api.servlets.SlingSafeMethodsServlet.service(SlingSafeMethodsServlet.java:376)
at org.apache.sling.engine.impl.request.RequestData.service(RequestData.java:546)
at org.apache.sling.engine.impl.filter.SlingComponentFilterChain.render(SlingComponentFilterChain.java:44)
at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:77)
at com.day.cq.personalization.impl.TargetComponentFilter.doFilter(TargetComponentFilter.java:96)
at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68)
at com.day.cq.wcm.core.impl.WCMDebugFilter.doFilter(WCMDebugFilter.java:151)
at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68)
at com.day.cq.wcm.core.impl.WCMComponentFilter.filterRootInclude(WCMComponentFilter.java:362)
at com.day.cq.wcm.core.impl.WCMComponentFilter.doFilter(WCMComponentFilter.java:177)
at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68)
at org.apache.sling.engine.impl.SlingRequestProcessorImpl.processComponent(SlingRequestProcessorImpl.java:282)
at org.apache.sling.engine.impl.filter.RequestSlingFilterChain.render(RequestSlingFilterChain.java:49)
at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:77)
at com.adobe.cq.social.ugcbase.security.impl.SaferSlingPostServlet.doFilter(SaferSlingPostServlet.java:126)
at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68)
at com.day.cq.dam.core.impl.assetlinkshare.AdhocAssetShareAuthHandler.doFilter(AdhocAssetShareAuthHandler.java:381)
at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68)
at com.day.cq.dam.core.impl.servlet.ActivityRecordHandler.doFilter(ActivityRecordHandler.java:155)
at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68)
at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:73)
at com.adobe.granite.requests.logging.impl.RequestLoggerImpl.doFilter(RequestLoggerImpl.java:114)
at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68)
at com.adobe.granite.csrf.impl.CSRFFilter.doFilter(CSRFFilter.java:220)
at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68)
at org.apache.sling.security.impl.ContentDispositionFilter.doFilter(ContentDispositionFilter.java:181)
at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68)
at com.day.cq.wcm.core.impl.AuthoringUIModeServiceImpl.doFilter(AuthoringUIModeServiceImpl.java:292)
at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68)
at com.day.cq.wcm.core.impl.warp.TimeWarpFilter.doFilter(TimeWarpFilter.java:106)
at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68)
at com.day.cq.wcm.mobile.core.impl.redirect.RedirectFilter.doFilter(RedirectFilter.java:248)
at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68)
at org.apache.sling.i18n.impl.I18NFilter.doFilter(I18NFilter.java:129)
at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68)
at org.apache.sling.engine.impl.debug.RequestProgressTrackerLogFilter.doFilter(RequestProgressTrackerLogFilter.java:95)
at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68)
at com.day.cq.analytics.provisioning.impl.UserAuthenticationRequestFilter.doFilter(UserAuthenticationRequestFilter.java:119)
at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68)
at com.adobe.cq.social.commons.cors.CORSAuthenticationFilter.doFilter(CORSAuthenticationFilter.java:91)
at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68)
at com.day.cq.wcm.foundation.forms.impl.FormsHandlingServlet.doFilter(FormsHandlingServlet.java:285)
at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68)
at com.adobe.granite.optout.impl.OptOutFilter.doFilter(OptOutFilter.java:74)
at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68)
at com.day.cq.wcm.core.impl.WCMRequestFilter.doFilter(WCMRequestFilter.java:90)
at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68)
at com.adobe.cq.mcm.campaign.servlets.CampaignCopyTracker.doFilter(CampaignCopyTracker.java:100)
at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68)
at org.apache.sling.rewriter.impl.RewriterFilter.doFilter(RewriterFilter.java:83)
at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68)
at com.adobe.granite.httpcache.impl.InnerCacheFilter.doFilter(InnerCacheFilter.java:77)
at com.adobe.granite.httpcache.impl.InnerCacheFilter.doFilter(InnerCacheFilter.java:56)
at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68)
at com.adobe.granite.rest.impl.servlet.ApiResourceFilter.doFilter(ApiResourceFilter.java:67)
at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68)
at org.apache.sling.bgservlets.impl.BackgroundServletStarterFilter.doFilter(BackgroundServletStarterFilter.java:169)
at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68)
at com.adobe.granite.resourceresolverhelper.impl.ResourceResolverHelperImpl.doFilter(ResourceResolverHelperImpl.java:84)
at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68)
at org.apache.sling.engine.impl.SlingRequestProcessorImpl.doProcessRequest(SlingRequestProcessorImpl.java:151)
at org.apache.sling.engine.impl.SlingMainServlet.service(SlingMainServlet.java:216)
at org.apache.felix.http.base.internal.handler.ServletHandler.handle(ServletHandler.java:85)
at org.apache.felix.http.base.internal.dispatch.InvocationChain.doFilter(InvocationChain.java:79)
at org.apache.sling.i18n.impl.I18NFilter.doFilter(I18NFilter.java:129)
at org.apache.felix.http.base.internal.handler.FilterHandler.handle(FilterHandler.java:135)
at org.apache.felix.http.base.internal.dispatch.InvocationChain.doFilter(InvocationChain.java:74)
at org.apache.sling.security.impl.ReferrerFilter.doFilter(ReferrerFilter.java:290)
at org.apache.felix.http.base.internal.handler.FilterHandler.handle(FilterHandler.java:135)
at org.apache.felix.http.base.internal.dispatch.InvocationChain.doFilter(InvocationChain.java:74)
at com.adobe.granite.license.impl.LicenseCheckFilter.doFilter(LicenseCheckFilter.java:308)
at org.apache.felix.http.base.internal.handler.FilterHandler.handle(FilterHandler.java:135)
at org.apache.felix.http.base.internal.dispatch.InvocationChain.doFilter(InvocationChain.java:74)
at org.apache.felix.http.sslfilter.internal.SslFilter.doFilter(SslFilter.java:89)
at org.apache.felix.http.base.internal.handler.FilterHandler.handle(FilterHandler.java:135)
at org.apache.felix.http.base.internal.dispatch.InvocationChain.doFilter(InvocationChain.java:74)
at org.apache.sling.featureflags.impl.FeatureManager.doFilter(FeatureManager.java:116)
at org.apache.felix.http.base.internal.handler.FilterHandler.handle(FilterHandler.java:135)
at org.apache.felix.http.base.internal.dispatch.InvocationChain.doFilter(InvocationChain.java:74)
at org.apache.sling.engine.impl.log.RequestLoggerFilter.doFilter(RequestLoggerFilter.java:75)
at org.apache.felix.http.base.internal.handler.FilterHandler.handle(FilterHandler.java:135)
at org.apache.felix.http.base.internal.dispatch.InvocationChain.doFilter(InvocationChain.java:74)
at org.apache.felix.http.base.internal.dispatch.Dispatcher.dispatch(Dispatcher.java:124)
at org.apache.felix.http.base.internal.DispatcherServlet.service(DispatcherServlet.java:61)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:725)
at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:812)
at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:587)
at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:221)
at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1127)
at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:515)
at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185)
at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1061)
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:215)
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:97)
at org.eclipse.jetty.server.Server.handle(Server.java:499)
at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:311)
at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:257)
at org.eclipse.jetty.io.AbstractConnection.run(AbstractConnection.java:544)
at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:635)
at org.eclipse.jetty.util.thread.QueuedThreadPool.run(QueuedThreadPool.java:555)
at java.lang.Thread.run(Thread.java:745)
我也尝试过使用 CURL 命令,它对作者和发布都工作正常。
curl -u admin:admin -FcreateUser= -FauthorizableId=dd12 -Frep:password=testuser -Fprofile/email=dd@intel.com -Fprofile/age=32 -Fprofile/familyName=dd -Fprofile/givenName=dd -FintermediatePath="/home/users/test/" http://localhost:4503/libs/granite/security/post/authorizables
不幸的是,由于环境限制,我不能在这个项目中使用 CURL。
我怀疑有一些配置可以在发布实例上启用 GET 和 POST,因为我可以将上面的 java 代码用于作者实例而不会失败。谁能帮帮我吗?我花了 3 天时间寻找解决方案,但仍在苦苦挣扎。
更新于 27/3/2017
我发现只需添加和删除几行代码,导入 java.util.Base64,这个问题就解决了。
删除设置凭据的 CredentialsProvider。在 httpPost 声明下面添加以下内容。
byte[] message = "admin:admin".getBytes(StandardCharsets.UTF_8);
String encodedString = Base64.getEncoder().encodeToString(message);
httpPost.setHeader("Authorization","Basic " + encodedString);
最佳和推荐的做法是在 Author 上创建用户并将其复制给发布者(除非您使用的社区不在此问题的范围内)。
您已经知道如何通过 curl 在作者上创建用户:
curl -u admin:admin -FcreateUser= -FauthorizableId=testuser -Frep:password=testuser -FintermediatePath="/home/users/test/" http://localhost:4502/libs/granite/security/post/authorizables
创建用户后,您可以使用以下 curl 命令复制它:
curl -u admin:admin -X POST -F path="/home/users/test/testUser -F cmd="activate" http://localhost:4502/bin/replicate.json
这是比在发布者中打开安全漏洞更简单的解决方案。
对于 Java 解决方案,您可以 POST 复制命令使用与上面相同的 Java 代码,但路径不同。
希望对您有所帮助。
我正在使用 adobe aem cq 6 并使用 java 应用程序中的 HttpPost 创建用户。 此代码对于 author 实例 工作正常,但在 publish 上不工作实例.
JAVA代码
public static void createUser() throws IOException
{
CredentialsProvider credsProvider = new BasicCredentialsProvider();
credsProvider.setCredentials(
new AuthScope(AuthScope.ANY_HOST, AuthScope.ANY_PORT),
new UsernamePasswordCredentials("admin", "admin"));
CloseableHttpClient httpclient = HttpClients.custom()
.setDefaultCredentialsProvider(credsProvider)
.build();
HttpPost httpPost = new HttpPost("http://localhost:4503/libs/granite/security/post/authorizables");
List <NameValuePair> nvps = new ArrayList <NameValuePair>();
nvps.add(new BasicNameValuePair("createUser", ""));
nvps.add(new BasicNameValuePair("authorizableId", "dd90"));
nvps.add(new BasicNameValuePair("rep:password", "dd90"));
nvps.add(new BasicNameValuePair("profile/email", "dd90@hotmail.com"));
nvps.add(new BasicNameValuePair("intermediatePath", "/home/users/test/"));
httpPost.setEntity(new UrlEncodedFormEntity(nvps));
CloseableHttpResponse response2 = httpclient.execute(httpPost);
try {
System.out.println(response2.getStatusLine());
HttpEntity entity2 = response2.getEntity();
System.out.println(EntityUtils.toString(response2.getEntity()));
// do something useful with the response body
// and ensure it is fully consumed
EntityUtils.consume(entity2);
} finally {
response2.close();
}
}
我从 cq error.log
得到以下错误POST /libs/granite/security/post/authorizables HTTP/1.1] com.adobe.granite.security.user.internal.servlets.AuthorizableServlet Error while processing AuthorizableServlet POST javax.jcr.AccessDeniedException: null at org.apache.jackrabbit.oak.util.NodeUtil.addChild(NodeUtil.java:113) at org.apache.jackrabbit.oak.util.NodeUtil.getOrAddTree(NodeUtil.java:171) at org.apache.jackrabbit.oak.security.user.UserProvider.createFolderNodes(UserProvider.java:306) at org.apache.jackrabbit.oak.security.user.UserProvider.createAuthorizableNode(UserProvider.java:257) at org.apache.jackrabbit.oak.security.user.UserProvider.createUser(UserProvider.java:185) at org.apache.jackrabbit.oak.security.user.UserManagerImpl.createUser(UserManagerImpl.java:162) at org.apache.jackrabbit.oak.jcr.delegate.UserManagerDelegator.perform(UserManagerDelegator.java:177) at org.apache.jackrabbit.oak.jcr.delegate.UserManagerDelegator.perform(UserManagerDelegator.java:173) at org.apache.jackrabbit.oak.jcr.delegate.SessionDelegate.perform(SessionDelegate.java:208) at org.apache.jackrabbit.oak.jcr.delegate.UserManagerDelegator.createUser(UserManagerDelegator.java:173) at com.adobe.granite.security.user.internal.servlets.AuthorizableServlet.create(AuthorizableServlet.java:800) at com.adobe.granite.security.user.internal.servlets.AuthorizableServlet.doPost(AuthorizableServlet.java:707) at org.apache.sling.api.servlets.SlingAllMethodsServlet.mayService(SlingAllMethodsServlet.java:149) at org.apache.sling.api.servlets.SlingSafeMethodsServlet.service(SlingSafeMethodsServlet.java:345) at org.apache.sling.api.servlets.SlingSafeMethodsServlet.service(SlingSafeMethodsServlet.java:376) at org.apache.sling.engine.impl.request.RequestData.service(RequestData.java:546) at org.apache.sling.engine.impl.filter.SlingComponentFilterChain.render(SlingComponentFilterChain.java:44) at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:77) at com.day.cq.personalization.impl.TargetComponentFilter.doFilter(TargetComponentFilter.java:96) at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68) at com.day.cq.wcm.core.impl.WCMDebugFilter.doFilter(WCMDebugFilter.java:151) at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68) at com.day.cq.wcm.core.impl.WCMComponentFilter.filterRootInclude(WCMComponentFilter.java:362) at com.day.cq.wcm.core.impl.WCMComponentFilter.doFilter(WCMComponentFilter.java:177) at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68) at org.apache.sling.engine.impl.SlingRequestProcessorImpl.processComponent(SlingRequestProcessorImpl.java:282) at org.apache.sling.engine.impl.filter.RequestSlingFilterChain.render(RequestSlingFilterChain.java:49) at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:77) at com.adobe.cq.social.ugcbase.security.impl.SaferSlingPostServlet.doFilter(SaferSlingPostServlet.java:126) at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68) at com.day.cq.dam.core.impl.assetlinkshare.AdhocAssetShareAuthHandler.doFilter(AdhocAssetShareAuthHandler.java:381) at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68) at com.day.cq.dam.core.impl.servlet.ActivityRecordHandler.doFilter(ActivityRecordHandler.java:155) at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68) at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:73) at com.adobe.granite.requests.logging.impl.RequestLoggerImpl.doFilter(RequestLoggerImpl.java:114) at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68) at com.adobe.granite.csrf.impl.CSRFFilter.doFilter(CSRFFilter.java:220) at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68) at org.apache.sling.security.impl.ContentDispositionFilter.doFilter(ContentDispositionFilter.java:181) at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68) at com.day.cq.wcm.core.impl.AuthoringUIModeServiceImpl.doFilter(AuthoringUIModeServiceImpl.java:292) at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68) at com.day.cq.wcm.core.impl.warp.TimeWarpFilter.doFilter(TimeWarpFilter.java:106) at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68) at com.day.cq.wcm.mobile.core.impl.redirect.RedirectFilter.doFilter(RedirectFilter.java:248) at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68) at org.apache.sling.i18n.impl.I18NFilter.doFilter(I18NFilter.java:129) at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68) at org.apache.sling.engine.impl.debug.RequestProgressTrackerLogFilter.doFilter(RequestProgressTrackerLogFilter.java:95) at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68) at com.day.cq.analytics.provisioning.impl.UserAuthenticationRequestFilter.doFilter(UserAuthenticationRequestFilter.java:119) at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68) at com.adobe.cq.social.commons.cors.CORSAuthenticationFilter.doFilter(CORSAuthenticationFilter.java:91) at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68) at com.day.cq.wcm.foundation.forms.impl.FormsHandlingServlet.doFilter(FormsHandlingServlet.java:285) at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68) at com.adobe.granite.optout.impl.OptOutFilter.doFilter(OptOutFilter.java:74) at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68) at com.day.cq.wcm.core.impl.WCMRequestFilter.doFilter(WCMRequestFilter.java:90) at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68) at com.adobe.cq.mcm.campaign.servlets.CampaignCopyTracker.doFilter(CampaignCopyTracker.java:100) at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68) at org.apache.sling.rewriter.impl.RewriterFilter.doFilter(RewriterFilter.java:83) at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68) at com.adobe.granite.httpcache.impl.InnerCacheFilter.doFilter(InnerCacheFilter.java:77) at com.adobe.granite.httpcache.impl.InnerCacheFilter.doFilter(InnerCacheFilter.java:56) at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68) at com.adobe.granite.rest.impl.servlet.ApiResourceFilter.doFilter(ApiResourceFilter.java:67) at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68) at org.apache.sling.bgservlets.impl.BackgroundServletStarterFilter.doFilter(BackgroundServletStarterFilter.java:169) at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68) at com.adobe.granite.resourceresolverhelper.impl.ResourceResolverHelperImpl.doFilter(ResourceResolverHelperImpl.java:84) at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68) at org.apache.sling.engine.impl.SlingRequestProcessorImpl.doProcessRequest(SlingRequestProcessorImpl.java:151) at org.apache.sling.engine.impl.SlingMainServlet.service(SlingMainServlet.java:216) at org.apache.felix.http.base.internal.handler.ServletHandler.handle(ServletHandler.java:85) at org.apache.felix.http.base.internal.dispatch.InvocationChain.doFilter(InvocationChain.java:79) at org.apache.sling.i18n.impl.I18NFilter.doFilter(I18NFilter.java:129) at org.apache.felix.http.base.internal.handler.FilterHandler.handle(FilterHandler.java:135) at org.apache.felix.http.base.internal.dispatch.InvocationChain.doFilter(InvocationChain.java:74) at org.apache.sling.security.impl.ReferrerFilter.doFilter(ReferrerFilter.java:290) at org.apache.felix.http.base.internal.handler.FilterHandler.handle(FilterHandler.java:135) at org.apache.felix.http.base.internal.dispatch.InvocationChain.doFilter(InvocationChain.java:74) at com.adobe.granite.license.impl.LicenseCheckFilter.doFilter(LicenseCheckFilter.java:308) at org.apache.felix.http.base.internal.handler.FilterHandler.handle(FilterHandler.java:135) at org.apache.felix.http.base.internal.dispatch.InvocationChain.doFilter(InvocationChain.java:74) at org.apache.felix.http.sslfilter.internal.SslFilter.doFilter(SslFilter.java:89) at org.apache.felix.http.base.internal.handler.FilterHandler.handle(FilterHandler.java:135) at org.apache.felix.http.base.internal.dispatch.InvocationChain.doFilter(InvocationChain.java:74) at org.apache.sling.featureflags.impl.FeatureManager.doFilter(FeatureManager.java:116) at org.apache.felix.http.base.internal.handler.FilterHandler.handle(FilterHandler.java:135) at org.apache.felix.http.base.internal.dispatch.InvocationChain.doFilter(InvocationChain.java:74) at org.apache.sling.engine.impl.log.RequestLoggerFilter.doFilter(RequestLoggerFilter.java:75) at org.apache.felix.http.base.internal.handler.FilterHandler.handle(FilterHandler.java:135) at org.apache.felix.http.base.internal.dispatch.InvocationChain.doFilter(InvocationChain.java:74) at org.apache.felix.http.base.internal.dispatch.Dispatcher.dispatch(Dispatcher.java:124) at org.apache.felix.http.base.internal.DispatcherServlet.service(DispatcherServlet.java:61) at javax.servlet.http.HttpServlet.service(HttpServlet.java:725) at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:812) at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:587) at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:221) at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1127) at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:515) at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185) at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1061) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141) at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:215) at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:97) at org.eclipse.jetty.server.Server.handle(Server.java:499) at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:311) at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:257) at org.eclipse.jetty.io.AbstractConnection.run(AbstractConnection.java:544) at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:635) at org.eclipse.jetty.util.thread.QueuedThreadPool.run(QueuedThreadPool.java:555) at java.lang.Thread.run(Thread.java:745)
我也尝试过使用 CURL 命令,它对作者和发布都工作正常。
curl -u admin:admin -FcreateUser= -FauthorizableId=dd12 -Frep:password=testuser -Fprofile/email=dd@intel.com -Fprofile/age=32 -Fprofile/familyName=dd -Fprofile/givenName=dd -FintermediatePath="/home/users/test/" http://localhost:4503/libs/granite/security/post/authorizables
不幸的是,由于环境限制,我不能在这个项目中使用 CURL。
我怀疑有一些配置可以在发布实例上启用 GET 和 POST,因为我可以将上面的 java 代码用于作者实例而不会失败。谁能帮帮我吗?我花了 3 天时间寻找解决方案,但仍在苦苦挣扎。
更新于 27/3/2017
我发现只需添加和删除几行代码,导入 java.util.Base64,这个问题就解决了。
删除设置凭据的 CredentialsProvider。在 httpPost 声明下面添加以下内容。
byte[] message = "admin:admin".getBytes(StandardCharsets.UTF_8);
String encodedString = Base64.getEncoder().encodeToString(message);
httpPost.setHeader("Authorization","Basic " + encodedString);
最佳和推荐的做法是在 Author 上创建用户并将其复制给发布者(除非您使用的社区不在此问题的范围内)。
您已经知道如何通过 curl 在作者上创建用户:
curl -u admin:admin -FcreateUser= -FauthorizableId=testuser -Frep:password=testuser -FintermediatePath="/home/users/test/" http://localhost:4502/libs/granite/security/post/authorizables
创建用户后,您可以使用以下 curl 命令复制它:
curl -u admin:admin -X POST -F path="/home/users/test/testUser -F cmd="activate" http://localhost:4502/bin/replicate.json
这是比在发布者中打开安全漏洞更简单的解决方案。
对于 Java 解决方案,您可以 POST 复制命令使用与上面相同的 Java 代码,但路径不同。
希望对您有所帮助。