CQ5:调用Post servlet时发生403 Forbidden [英] CQ5: 403 Forbidden occurs when call a Post servlet

问题描述

我正在使用此代码为我的CQ5示例应用程序创建Post方法.

Hi I'm using this code to create a Post method for my CQ5 example application.

package com.adobe.cq.sling;

import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.PrintWriter;
import java.net.HttpURLConnection;
import java.net.URL;
import java.rmi.ServerException;
import java.util.Dictionary;

import org.apache.felix.scr.annotations.Properties;
import org.apache.felix.scr.annotations.Property;
import org.apache.felix.scr.annotations.Reference;
import org.apache.felix.scr.annotations.sling.SlingServlet;
import org.apache.sling.api.SlingHttpServletRequest;
import org.apache.sling.api.SlingHttpServletResponse;
import org.apache.sling.api.servlets.SlingSafeMethodsServlet;
import org.apache.sling.commons.osgi.OsgiUtil;
import org.apache.sling.jcr.api.SlingRepository;
import org.apache.felix.scr.annotations.Reference;
import org.osgi.service.component.ComponentContext;
import javax.jcr.Session;
import javax.jcr.Node; 
import org.json.simple.JSONObject;
import java.util.UUID;

@SlingServlet(paths="/bin/mySearchServlet", methods = "POST", metatype=true)
public class HandleClaim extends org.apache.sling.api.servlets.SlingAllMethodsServlet {
     private static final long serialVersionUID = 2598426539166789515L;


     @Override
     protected void doPost(SlingHttpServletRequest request, SlingHttpServletResponse response) throws ServerException, IOException {

      try
      {
         //Get the submitted form data that is sent from the
              //CQ web page  
          String id = UUID.randomUUID().toString();
          String firstName = request.getParameter("firstName");
          String lastName = request.getParameter("lastName");
          String address = request.getParameter("address");
          String cat = request.getParameter("cat");
          String state = request.getParameter("state");
          String details = request.getParameter("details");
          String date = request.getParameter("date"); 
          String city = request.getParameter("city"); 

          //Encode the submitted form data to JSON
          JSONObject obj=new JSONObject();
          obj.put("id",id);
          obj.put("firstname",firstName);
          obj.put("lastname",lastName);
          obj.put("address",address);
          obj.put("cat",cat);
          obj.put("state",state);
          obj.put("details",details);
          obj.put("date",date);
          obj.put("city",city);

             //Get the JSON formatted data    
          String jsonData = obj.toJSONString();

             //Return the JSON formatted data
         response.getWriter().write(jsonData);
      }
      catch(Exception e)
      {
          e.printStackTrace();
      }
    }
}

可以正常处理GET请求.但是对于POST(doPost)请求，我收到了一条消息:403 Forbidden.我应该怎么做才能解决此问题?

it work ok with a GET request. But for a POST(doPost) request i recevied a message: 403 Forbidden. What i should do to resolve this issue ?

推荐答案

如果您从内部客户端调用该方法(例如:位于应用程序中的jsp文件，ajax或Servlet)，则永远不会发生此问题.但是，如果您从外部客户端(另一个网站或REST客户端插件...)调用它，则会触发CQ安全筛选器以阻止您执行操作，然后返回403错误以删除此错误，请按照以下步骤操作:

This issue will never happen If you call the method from internal client (for example: jsp file, ajax or Servlets that located in your application). However if you call it from external client (another website or REST client plugin...) CQ security filter will be triggered to prevent your action then return 403 error to remove this please follow these steps:

1/ http://localhost:4502/system/console/configMgr
2/搜索"Apache Sling引荐来源过滤器"
3/从过滤器中删除POST方法.然后，您可以在任何地方调用POST方法.

1/ http://localhost:4502/system/console/configMgr
2/ Search for 'Apache Sling Referrer Filter'
3/ Remove POST method from the filter. Then you can call your POST method anywhere.

这篇关于CQ5:调用Post servlet时发生403 Forbidden的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！