GET和POST不适用于AEM CQ6.2发布实例

时间:2017-03-24 08:47:45

标签: java http-post adobe cq5 aem

我正在研究adobe aem cq 6并使用Java应用程序中的HttpPost创建用户。 作者实例的此代码正常,但发布实例

JAVA代码

    public static void createUser() throws IOException
    {

        CredentialsProvider credsProvider = new BasicCredentialsProvider();
        credsProvider.setCredentials(
                new AuthScope(AuthScope.ANY_HOST, AuthScope.ANY_PORT),
                new UsernamePasswordCredentials("admin", "admin"));
        CloseableHttpClient httpclient = HttpClients.custom()
                .setDefaultCredentialsProvider(credsProvider)
                .build();

        HttpPost httpPost = new HttpPost("http://localhost:4503/libs/granite/security/post/authorizables");
        List <NameValuePair> nvps = new ArrayList <NameValuePair>();
        nvps.add(new BasicNameValuePair("createUser", ""));
        nvps.add(new BasicNameValuePair("authorizableId", "dd90"));
        nvps.add(new BasicNameValuePair("rep:password", "dd90"));
        nvps.add(new BasicNameValuePair("profile/email", "dd90@hotmail.com"));
        nvps.add(new BasicNameValuePair("intermediatePath", "/home/users/test/"));
        httpPost.setEntity(new UrlEncodedFormEntity(nvps));
        CloseableHttpResponse response2 = httpclient.execute(httpPost);

        try {
            System.out.println(response2.getStatusLine());
            HttpEntity entity2 = response2.getEntity();
            System.out.println(EntityUtils.toString(response2.getEntity()));
            // do something useful with the response body
            // and ensure it is fully consumed
            EntityUtils.consume(entity2);
        } finally {
            response2.close();
        }
}

我从cq error.log

中得到以下错误
  

POST / libs / granite / security / post / authorizables HTTP / 1.1]   com.adobe.granite.security.user.internal.servlets.AuthorizableServlet   处理AuthorizableServlet POST时出错   javax.jcr.AccessDeniedException:null           在org.apache.jackrabbit.oak.util.NodeUtil.addChild(NodeUtil.java:113)           在org.apache.jackrabbit.oak.util.NodeUtil.getOrAddTree(NodeUtil.java:171)           at org.apache.jackrabbit.oak.security.user.UserProvider.createFolderNodes(UserProvider.java:306)           at org.apache.jackrabbit.oak.security.user.UserProvider.createAuthorizableNode(UserProvider.java:257)           at org.apache.jackrabbit.oak.security.user.UserProvider.createUser(UserProvider.java:185)           at org.apache.jackrabbit.oak.security.user.UserManagerImpl.createUser(UserManagerImpl.java:162)           在org.apache.jackrabbit.oak.jcr.delegate.UserManagerDelegator $ 9.perform(UserManagerDelegator.java:177)           在org.apache.jackrabbit.oak.jcr.delegate.UserManagerDelegator $ 9.perform(UserManagerDelegator.java:173)           在org.apache.jackrabbit.oak.jcr.delegate.SessionDelegate.perform(SessionDelegate.java:208)           在org.apache.jackrabbit.oak.jcr.delegate.UserManagerDelegator.createUser(UserManagerDelegator.java:173)           at com.adobe.granite.security.user.internal.servlets.AuthorizableServlet.create(AuthorizableServlet.java:800)           at com.adobe.granite.security.user.internal.servlets.AuthorizableServlet.doPost(AuthorizableServlet.java:707)           at org.apache.sling.api.servlets.SlingAllMethodsServlet.mayService(SlingAllMethodsServlet.java:149)           在org.apache.sling.api.servlets.SlingSafeMethodsServlet.service(SlingSafeMethodsServlet.java:345)           在org.apache.sling.api.servlets.SlingSafeMethodsServlet.service(SlingSafeMethodsServlet.java:376)           在org.apache.sling.engine.impl.request.RequestData.service(RequestData.java:546)           在org.apache.sling.engine.impl.filter.SlingComponentFilterChain.render(SlingComponentFilterChain.java:44)           at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:77)           在com.day.cq.personalization.impl.TargetComponentFilter.doFilter(TargetComponentFilter.java:96)           at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68)           在com.day.cq.wcm.core.impl.WCMDebugFilter.doFilter(WCMDebugFilter.java:151)           at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68)           at com.day.cq.wcm.core.impl.WCMComponentFilter.filterRootInclude(WCMComponentFilter.java:362)           在com.day.cq.wcm.core.impl.WCMComponentFilter.doFilter(WCMComponentFilter.java:177)           at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68)           at org.apache.sling.engine.impl.SlingRequestProcessorImpl.processComponent(SlingRequestProcessorImpl.java:282)           在org.apache.sling.engine.impl.filter.RequestSlingFilterChain.render(RequestSlingFilterChain.java:49)           at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:77)           在com.adobe.cq.social.ugcbase.security.impl.SaferSlingPostServlet.doFilter(SaferSlingPostServlet.java:126)           at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68)           在com.day.cq.dam.core.impl.assetlinkshare.AdhocAssetShareAuthHandler.doFilter(AdhocAssetShareAuthHandler.java:381)           at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68)           在com.day.cq.dam.core.impl.servlet.ActivityRecordHandler.doFilter(ActivityRecordHandler.java:155)           at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68)           在org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:73)           在com.adobe.granite.requests.logging.impl.RequestLoggerImpl.doFilter(RequestLoggerImpl.java:114)           at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68)           在com.adobe.granite.csrf.impl.CSRFFilter.doFilter(CSRFFilter.java:220)           at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68)           在org.apache.sling.security.impl.ContentDispositionFilter.doFilter(ContentDispositionFilter.java:181)           at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68)           在com.day.cq.wcm.core.impl.AuthoringUIModeServiceImpl.doFilter(AuthoringUIModeServiceImpl.java:292)           at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68)           在com.day.cq.wcm.core.impl.warp.TimeWarpFilter.doFilter(TimeWarpFilter.java:106)           at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68)           在com.day.cq.wcm.mobile.core.impl.redirect.RedirectFilter.doFilter(RedirectFilter.java:248)           at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68)           在org.apache.sling.i18n.impl.I18NFilter.doFilter(I18NFilter.java:129)           at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68)           at org.apache.sling.engine.impl.debug.RequestProgressTrackerLogFilter.doFilter(RequestProgressTrackerLogFilter.java:95)           at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68)           在com.day.cq.analytics.provisioning.impl.UserAuthenticationRequestFilter.doFilter(UserAuthenticationRequestFilter.java:119)           at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68)           在com.adobe.cq.social.commons.cors.CORSAuthenticationFilter.doFilter(CORSAuthenticationFilter.java:91)           at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68)           在com.day.cq.wcm.foundation.forms.impl.FormsHandlingServlet.doFilter(FormsHandlingServlet.java:285)           at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68)           在com.adobe.granite.optout.impl.OptOutFilter.doFilter(OptOutFilter.java:74)           at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68)           在com.day.cq.wcm.core.impl.WCMRequestFilter.doFilter(WCMRequestFilter.java:90)           at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68)           在com.adobe.cq.mcm.campaign.servlets.CampaignCopyTracker.doFilter(CampaignCopyTracker.java:100)           at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68)           at org.apache.sling.rewriter.impl.RewriterFilter.doFilter(RewriterFilter.java:83)           at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68)           在com.adobe.granite.httpcache.impl.InnerCacheFilter.doFilter(InnerCacheFilter.java:77)           在com.adobe.granite.httpcache.impl.InnerCacheFilter.doFilter(InnerCacheFilter.java:56)           at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68)           在com.adobe.granite.rest.impl.servlet.ApiResourceFilter.doFilter(ApiResourceFilter.java:67)           at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68)           在org.apache.sling.bgservlets.impl.BackgroundServletStarterFilter.doFilter(BackgroundServletStarterFilter.java:169)           at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68)           at com.adobe.granite.resourceresolverhelper.impl.ResourceResolverHelperImpl.doFilter(ResourceResolverHelperImpl.java:84)           at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68)           at org.apache.sling.engine.impl.SlingRequestProcessorImpl.doProcessRequest(SlingRequestProcessorImpl.java:151)           在org.apache.sling.engine.impl.SlingMainServlet.service(SlingMainServlet.java:216)           在org.apache.felix.http.base.internal.handler.ServletHandler.handle(ServletHandler.java:85)           在org.apache.felix.http.base.internal.dispatch.InvocationChain.doFilter(InvocationChain.java:79)           在org.apache.sling.i18n.impl.I18NFilter.doFilter(I18NFilter.java:129)           在org.apache.felix.http.base.internal.handler.FilterHandler.handle(FilterHandler.java:135)           在org.apache.felix.http.base.internal.dispatch.InvocationChain.doFilter(InvocationChain.java:74)           在org.apache.sling.security.impl.ReferrerFilter.doFilter(ReferrerFilter.java:290)           在org.apache.felix.http.base.internal.handler.FilterHandler.handle(FilterHandler.java:135)           在org.apache.felix.http.base.internal.dispatch.InvocationChain.doFilter(InvocationChain.java:74)           在com.adobe.granite.license.impl.LicenseCheckFilter.doFilter(LicenseCheckFilter.java:308)           在org.apache.felix.http.base.internal.handler.FilterHandler.handle(FilterHandler.java:135)           在org.apache.felix.http.base.internal.dispatch.InvocationChain.doFilter(InvocationChain.java:74)           在org.apache.felix.http.sslfilter.internal.SslFilter.doFilter(SslFilter.java:89)           在org.apache.felix.http.base.internal.handler.FilterHandler.handle(FilterHandler.java:135)           在org.apache.felix.http.base.internal.dispatch.InvocationChain.doFilter(InvocationChain.java:74)           at org.apache.sling.featureflags.impl.FeatureManager.doFilter(FeatureManager.java:116)           在org.apache.felix.http.base.internal.handler.FilterHandler.handle(FilterHandler.java:135)           在org.apache.felix.http.base.internal.dispatch.InvocationChain.doFilter(InvocationChain.java:74)           在org.apache.sling.engine.impl.log.RequestLoggerFilter.doFilter(RequestLoggerFilter.java:75)           在org.apache.felix.http.base.internal.handler.FilterHandler.handle(FilterHandler.java:135)           在org.apache.felix.http.base.internal.dispatch.InvocationChain.doFilter(InvocationChain.java:74)           在org.apache.felix.http.base.internal.dispatch.Dispatcher.dispatch(Dispatcher.java:124)           在org.apache.felix.http.base.internal.DispatcherServlet.service(DispatcherServlet.java:61)           在javax.servlet.http.HttpServlet.service(HttpServlet.java:725)           在org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:812)           在org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:587)           在org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:221)           at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1127)           在org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:515)           在org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185)           at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1061)           在org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)           at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:215)           在org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:97)           在org.eclipse.jetty.server.Server.handle(Server.java:499)           在org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:311)           在org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:257)           在org.eclipse.jetty.io.AbstractConnection $ 2.run(AbstractConnection.java:544)           在org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:635)           在org.eclipse.jetty.util.thread.QueuedThreadPool $ 3.run(QueuedThreadPool.java:555)           在java.lang.Thread.run(Thread.java:745)

我也尝试过使用CURL命令,它对作者和发布都很好。

curl -u admin:admin -FcreateUser= -FauthorizableId=dd12 -Frep:password=testuser -Fprofile/email=dd@intel.com -Fprofile/age=32 -Fprofile/familyName=dd -Fprofile/givenName=dd -FintermediatePath="/home/users/test/" http://localhost:4503/libs/granite/security/post/authorizables

不幸的是,由于存在环境限制,我无法将CURL用于此项目。

我怀疑有一些配置可以在发布实例上启用GET和POST,因为我可以使用上面的java代码来实现作者实例。谁能帮帮我吗?我花了3天时间才找到解决方案,但仍在苦苦挣扎。

于2017年3月27日更新

我发现只需要添加和删除几行代码,导入java.util.Base64就可以解决这个问题了。

删除CredentialsProvider哪个setcredentials。添加以下httpPost声明。

byte[] message = "admin:admin".getBytes(StandardCharsets.UTF_8);
String encodedString = Base64.getEncoder().encodeToString(message);
httpPost.setHeader("Authorization","Basic " + encodedString);

1 个答案:

答案 0 :(得分:2)

最佳和推荐的做法是在作者上创建用户并将其复制到发布者(除非您使用的是不属于此问题范围的社区)。

您已经知道如何通过curl在作者上创建用户:

curl -u admin:admin -FcreateUser= -FauthorizableId=testuser -Frep:password=testuser -FintermediatePath="/home/users/test/" http://localhost:4502/libs/granite/security/post/authorizables 

创建用户后,您可以使用以下curl命令复制它:

curl -u admin:admin -X POST -F path="/home/users/test/testUser -F cmd="activate" http://localhost:4502/bin/replicate.json

这是更简单的解决方案,而不是在发布商中打开安全漏洞。

对于Java解决方案,您可以使用上面使用不同路径的相同Java代码来发布复制命令。

希望这有帮助。