我正在研究adobe aem cq 6并使用Java应用程序中的HttpPost创建用户。 作者实例的此代码正常,但发布实例 。
JAVA代码
public static void createUser() throws IOException
{
CredentialsProvider credsProvider = new BasicCredentialsProvider();
credsProvider.setCredentials(
new AuthScope(AuthScope.ANY_HOST, AuthScope.ANY_PORT),
new UsernamePasswordCredentials("admin", "admin"));
CloseableHttpClient httpclient = HttpClients.custom()
.setDefaultCredentialsProvider(credsProvider)
.build();
HttpPost httpPost = new HttpPost("http://localhost:4503/libs/granite/security/post/authorizables");
List <NameValuePair> nvps = new ArrayList <NameValuePair>();
nvps.add(new BasicNameValuePair("createUser", ""));
nvps.add(new BasicNameValuePair("authorizableId", "dd90"));
nvps.add(new BasicNameValuePair("rep:password", "dd90"));
nvps.add(new BasicNameValuePair("profile/email", "dd90@hotmail.com"));
nvps.add(new BasicNameValuePair("intermediatePath", "/home/users/test/"));
httpPost.setEntity(new UrlEncodedFormEntity(nvps));
CloseableHttpResponse response2 = httpclient.execute(httpPost);
try {
System.out.println(response2.getStatusLine());
HttpEntity entity2 = response2.getEntity();
System.out.println(EntityUtils.toString(response2.getEntity()));
// do something useful with the response body
// and ensure it is fully consumed
EntityUtils.consume(entity2);
} finally {
response2.close();
}
}
我从cq error.log
中得到以下错误POST / libs / granite / security / post / authorizables HTTP / 1.1] com.adobe.granite.security.user.internal.servlets.AuthorizableServlet 处理AuthorizableServlet POST时出错 javax.jcr.AccessDeniedException:null 在org.apache.jackrabbit.oak.util.NodeUtil.addChild(NodeUtil.java:113) 在org.apache.jackrabbit.oak.util.NodeUtil.getOrAddTree(NodeUtil.java:171) at org.apache.jackrabbit.oak.security.user.UserProvider.createFolderNodes(UserProvider.java:306) at org.apache.jackrabbit.oak.security.user.UserProvider.createAuthorizableNode(UserProvider.java:257) at org.apache.jackrabbit.oak.security.user.UserProvider.createUser(UserProvider.java:185) at org.apache.jackrabbit.oak.security.user.UserManagerImpl.createUser(UserManagerImpl.java:162) 在org.apache.jackrabbit.oak.jcr.delegate.UserManagerDelegator $ 9.perform(UserManagerDelegator.java:177) 在org.apache.jackrabbit.oak.jcr.delegate.UserManagerDelegator $ 9.perform(UserManagerDelegator.java:173) 在org.apache.jackrabbit.oak.jcr.delegate.SessionDelegate.perform(SessionDelegate.java:208) 在org.apache.jackrabbit.oak.jcr.delegate.UserManagerDelegator.createUser(UserManagerDelegator.java:173) at com.adobe.granite.security.user.internal.servlets.AuthorizableServlet.create(AuthorizableServlet.java:800) at com.adobe.granite.security.user.internal.servlets.AuthorizableServlet.doPost(AuthorizableServlet.java:707) at org.apache.sling.api.servlets.SlingAllMethodsServlet.mayService(SlingAllMethodsServlet.java:149) 在org.apache.sling.api.servlets.SlingSafeMethodsServlet.service(SlingSafeMethodsServlet.java:345) 在org.apache.sling.api.servlets.SlingSafeMethodsServlet.service(SlingSafeMethodsServlet.java:376) 在org.apache.sling.engine.impl.request.RequestData.service(RequestData.java:546) 在org.apache.sling.engine.impl.filter.SlingComponentFilterChain.render(SlingComponentFilterChain.java:44) at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:77) 在com.day.cq.personalization.impl.TargetComponentFilter.doFilter(TargetComponentFilter.java:96) at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68) 在com.day.cq.wcm.core.impl.WCMDebugFilter.doFilter(WCMDebugFilter.java:151) at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68) at com.day.cq.wcm.core.impl.WCMComponentFilter.filterRootInclude(WCMComponentFilter.java:362) 在com.day.cq.wcm.core.impl.WCMComponentFilter.doFilter(WCMComponentFilter.java:177) at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68) at org.apache.sling.engine.impl.SlingRequestProcessorImpl.processComponent(SlingRequestProcessorImpl.java:282) 在org.apache.sling.engine.impl.filter.RequestSlingFilterChain.render(RequestSlingFilterChain.java:49) at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:77) 在com.adobe.cq.social.ugcbase.security.impl.SaferSlingPostServlet.doFilter(SaferSlingPostServlet.java:126) at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68) 在com.day.cq.dam.core.impl.assetlinkshare.AdhocAssetShareAuthHandler.doFilter(AdhocAssetShareAuthHandler.java:381) at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68) 在com.day.cq.dam.core.impl.servlet.ActivityRecordHandler.doFilter(ActivityRecordHandler.java:155) at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68) 在org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:73) 在com.adobe.granite.requests.logging.impl.RequestLoggerImpl.doFilter(RequestLoggerImpl.java:114) at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68) 在com.adobe.granite.csrf.impl.CSRFFilter.doFilter(CSRFFilter.java:220) at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68) 在org.apache.sling.security.impl.ContentDispositionFilter.doFilter(ContentDispositionFilter.java:181) at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68) 在com.day.cq.wcm.core.impl.AuthoringUIModeServiceImpl.doFilter(AuthoringUIModeServiceImpl.java:292) at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68) 在com.day.cq.wcm.core.impl.warp.TimeWarpFilter.doFilter(TimeWarpFilter.java:106) at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68) 在com.day.cq.wcm.mobile.core.impl.redirect.RedirectFilter.doFilter(RedirectFilter.java:248) at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68) 在org.apache.sling.i18n.impl.I18NFilter.doFilter(I18NFilter.java:129) at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68) at org.apache.sling.engine.impl.debug.RequestProgressTrackerLogFilter.doFilter(RequestProgressTrackerLogFilter.java:95) at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68) 在com.day.cq.analytics.provisioning.impl.UserAuthenticationRequestFilter.doFilter(UserAuthenticationRequestFilter.java:119) at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68) 在com.adobe.cq.social.commons.cors.CORSAuthenticationFilter.doFilter(CORSAuthenticationFilter.java:91) at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68) 在com.day.cq.wcm.foundation.forms.impl.FormsHandlingServlet.doFilter(FormsHandlingServlet.java:285) at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68) 在com.adobe.granite.optout.impl.OptOutFilter.doFilter(OptOutFilter.java:74) at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68) 在com.day.cq.wcm.core.impl.WCMRequestFilter.doFilter(WCMRequestFilter.java:90) at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68) 在com.adobe.cq.mcm.campaign.servlets.CampaignCopyTracker.doFilter(CampaignCopyTracker.java:100) at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68) at org.apache.sling.rewriter.impl.RewriterFilter.doFilter(RewriterFilter.java:83) at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68) 在com.adobe.granite.httpcache.impl.InnerCacheFilter.doFilter(InnerCacheFilter.java:77) 在com.adobe.granite.httpcache.impl.InnerCacheFilter.doFilter(InnerCacheFilter.java:56) at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68) 在com.adobe.granite.rest.impl.servlet.ApiResourceFilter.doFilter(ApiResourceFilter.java:67) at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68) 在org.apache.sling.bgservlets.impl.BackgroundServletStarterFilter.doFilter(BackgroundServletStarterFilter.java:169) at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68) at com.adobe.granite.resourceresolverhelper.impl.ResourceResolverHelperImpl.doFilter(ResourceResolverHelperImpl.java:84) at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68) at org.apache.sling.engine.impl.SlingRequestProcessorImpl.doProcessRequest(SlingRequestProcessorImpl.java:151) 在org.apache.sling.engine.impl.SlingMainServlet.service(SlingMainServlet.java:216) 在org.apache.felix.http.base.internal.handler.ServletHandler.handle(ServletHandler.java:85) 在org.apache.felix.http.base.internal.dispatch.InvocationChain.doFilter(InvocationChain.java:79) 在org.apache.sling.i18n.impl.I18NFilter.doFilter(I18NFilter.java:129) 在org.apache.felix.http.base.internal.handler.FilterHandler.handle(FilterHandler.java:135) 在org.apache.felix.http.base.internal.dispatch.InvocationChain.doFilter(InvocationChain.java:74) 在org.apache.sling.security.impl.ReferrerFilter.doFilter(ReferrerFilter.java:290) 在org.apache.felix.http.base.internal.handler.FilterHandler.handle(FilterHandler.java:135) 在org.apache.felix.http.base.internal.dispatch.InvocationChain.doFilter(InvocationChain.java:74) 在com.adobe.granite.license.impl.LicenseCheckFilter.doFilter(LicenseCheckFilter.java:308) 在org.apache.felix.http.base.internal.handler.FilterHandler.handle(FilterHandler.java:135) 在org.apache.felix.http.base.internal.dispatch.InvocationChain.doFilter(InvocationChain.java:74) 在org.apache.felix.http.sslfilter.internal.SslFilter.doFilter(SslFilter.java:89) 在org.apache.felix.http.base.internal.handler.FilterHandler.handle(FilterHandler.java:135) 在org.apache.felix.http.base.internal.dispatch.InvocationChain.doFilter(InvocationChain.java:74) at org.apache.sling.featureflags.impl.FeatureManager.doFilter(FeatureManager.java:116) 在org.apache.felix.http.base.internal.handler.FilterHandler.handle(FilterHandler.java:135) 在org.apache.felix.http.base.internal.dispatch.InvocationChain.doFilter(InvocationChain.java:74) 在org.apache.sling.engine.impl.log.RequestLoggerFilter.doFilter(RequestLoggerFilter.java:75) 在org.apache.felix.http.base.internal.handler.FilterHandler.handle(FilterHandler.java:135) 在org.apache.felix.http.base.internal.dispatch.InvocationChain.doFilter(InvocationChain.java:74) 在org.apache.felix.http.base.internal.dispatch.Dispatcher.dispatch(Dispatcher.java:124) 在org.apache.felix.http.base.internal.DispatcherServlet.service(DispatcherServlet.java:61) 在javax.servlet.http.HttpServlet.service(HttpServlet.java:725) 在org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:812) 在org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:587) 在org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:221) at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1127) 在org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:515) 在org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185) at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1061) 在org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141) at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:215) 在org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:97) 在org.eclipse.jetty.server.Server.handle(Server.java:499) 在org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:311) 在org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:257) 在org.eclipse.jetty.io.AbstractConnection $ 2.run(AbstractConnection.java:544) 在org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:635) 在org.eclipse.jetty.util.thread.QueuedThreadPool $ 3.run(QueuedThreadPool.java:555) 在java.lang.Thread.run(Thread.java:745)
我也尝试过使用CURL命令,它对作者和发布都很好。
curl -u admin:admin -FcreateUser= -FauthorizableId=dd12 -Frep:password=testuser -Fprofile/email=dd@intel.com -Fprofile/age=32 -Fprofile/familyName=dd -Fprofile/givenName=dd -FintermediatePath="/home/users/test/" http://localhost:4503/libs/granite/security/post/authorizables
不幸的是,由于存在环境限制,我无法将CURL用于此项目。
我怀疑有一些配置可以在发布实例上启用GET和POST,因为我可以使用上面的java代码来实现作者实例。谁能帮帮我吗?我花了3天时间才找到解决方案,但仍在苦苦挣扎。
于2017年3月27日更新
我发现只需要添加和删除几行代码,导入java.util.Base64就可以解决这个问题了。
删除CredentialsProvider哪个setcredentials。添加以下httpPost声明。
byte[] message = "admin:admin".getBytes(StandardCharsets.UTF_8);
String encodedString = Base64.getEncoder().encodeToString(message);
httpPost.setHeader("Authorization","Basic " + encodedString);
答案 0 :(得分:2)
最佳和推荐的做法是在作者上创建用户并将其复制到发布者(除非您使用的是不属于此问题范围的社区)。
您已经知道如何通过curl在作者上创建用户:
curl -u admin:admin -FcreateUser= -FauthorizableId=testuser -Frep:password=testuser -FintermediatePath="/home/users/test/" http://localhost:4502/libs/granite/security/post/authorizables
创建用户后,您可以使用以下curl命令复制它:
curl -u admin:admin -X POST -F path="/home/users/test/testUser -F cmd="activate" http://localhost:4502/bin/replicate.json
这是更简单的解决方案,而不是在发布商中打开安全漏洞。
对于Java解决方案,您可以使用上面使用不同路径的相同Java代码来发布复制命令。
希望这有帮助。