Tuesday, 15 December 2015

Sling Model With Sightly Part - I

I have posted this blog on my current company website; you can start through the link mentioned below-

Happy Coding.
Namah Shivay

Tuesday, 4 August 2015

Resource Resolver Object in AEM6.x Services

As we know, the getAdministrativeResourceResolver() method has been deprecated in the ResourceResolverFactory interface in AEM6 and above. So the question is-

Q1). How to get a ResourceResolver object in Sling services in AEM6.0 and above versions?
If you are working with AEM6 or AEM6.1 then you have two options-
If you know the credentials of a user and want to use that user's credentials in your service, then go with the getResourceResolver() method.

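Map<String, Object> param = new HashMap<String, Object>();
param.put(ResourceResolverFactory.USER, "<user-name>");                  // placeholder
param.put(ResourceResolverFactory.PASSWORD, "<password>".toCharArray()); // placeholder
try {
    resourceResolver = resourceResolverFactory.getResourceResolver(param);
} catch (Exception e) {
    // login failed: handle or log the exception
}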

If you don't have user credentials and want to access a ResourceResolver object, then you have to use the getServiceResourceResolver() method, as shown below-

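Map<String, Object> param = new HashMap<String, Object>();
param.put(ResourceResolverFactory.SUBSERVICE, "testService");
try {
    resourceResolver = resourceResolverFactory.getServiceResourceResolver(param);
    // close the resolver when you are done with it: resourceResolver.close()
} catch (Exception e) {
    // no user is mapped to this sub-service, or the login failed
}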

Note:- In this case you have to add a configuration in the Felix Console of your AEM instance.

Q2). What configuration do I need to do for AEM6.0?
For AEM6.0, the configuration steps are-
Go to the Felix Console configuration tab, i.e. http://localhost:4502/system/console/configMgr
Search for User Mapping, as shown in the figure-
Click on this service to edit its configuration.
Here you have to add one entry, and the syntax of the entry is-

"Bundle symbolic Name":"SubServiceName"="User Name"

1. Bundle symbolic Name:- The symbolic name of the bundle in which you are creating the service.

2. SubServiceName:- The name you provided as the value of the ResourceResolverFactory.SUBSERVICE property, i.e. "testService".

3. User Name:- The user name, e.g. "admin".

So in my case this configuration field value becomes "". After adding this entry, the configuration looks like-

Now everything is set for AEM6.0.

Q3). Will these configurations work for AEM6.1?

Q4). What configuration do I need for AEM6.1?
If you are working with AEM6.1, you have to complete all the steps explained for AEM6.0. To make these configurations work on AEM6.1, you also have to ensure that the "jcr:primaryType" of your user is "rep:SystemUser". For example, if you try to use the "admin" user, it will not work, because its "jcr:primaryType" value is "rep:User".

Q5). What do you mean by "jcr:primaryType" as "rep:SystemUser"?
It means that the user cannot be just an ordinary repository user. It must be a system user.

Q6). How to create a System User in AEM6.0?
For creating System Users, follow these steps-

  1. Go to CRX Explorer http://localhost:6502/crx/explorer/index.jsp
  2. Login as Administrator, i.e. using "admin: admin"
  3. Click on "User Administration", you will see a screen just like this-

  4. Here you will see an option named "Create System User". Click on this button.
  5. Add a value for the User Id field, e.g. "testUser".
  6. Click on the green button and close the window. Go to CRXDE Lite; your "testUser" will have been created under the /home/system directory. If you cannot find it, search for "testUser" on the home screen and you will get the location.

Q7). How to use this user?
In your "Apache Sling Service User Mapper Service" configuration, change your entry from- to

Q8). Should I do this configuration in the "Apache Sling Service User Mapper Service" configuration, or should I create an "Apache Sling Service User Mapper Service Amendment" service configuration?
You can do it either way. But as "Apache Sling Service User Mapper Service" is a service factory in AEM6.1, as a best practice you should create another service configuration by clicking on the plus button in front of "Apache Sling Service User Mapper Service Amendment".
When you click on the "+" button, one new configuration will be created at the end. Click on that service and do this configuration there. Your code will work in the same manner as before.
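
The entry syntax from Q2 and the AEM6.1 restriction from Q4 can be checked before an entry is pasted into the User Mapper configuration. The following is an added example, not code from the original post: the function name lint_user_mapping, the finding labels and the bundle name com.example.core are assumptions made for illustration, and the sample entries are constructed.

```shell
#!/bin/sh
# Added example (not from the original post): lint service user mapping
# entries written in the syntax described above:
#   bundle.symbolic.name:subServiceName=userName
# Reads one entry per line on stdin, prints one finding per entry and
# returns 1 if any entry was flagged.
lint_user_mapping() {
    rc=0
    while IFS= read -r entry; do
        [ -n "$entry" ] || continue
        service=${entry%%=*}   # part before '=': bundle:subServiceName
        user=${entry#*=}       # part after '=': user name
        bundle=${service%%:*}
        sub=${service#*:}
        case "$entry" in
            *=*) ;;
            *) echo "MALFORMED $entry"; rc=1; continue ;;
        esac
        case "$service" in
            *:*) ;;
            *) echo "NO_SUBSERVICE $entry"; rc=1; continue ;;
        esac
        if [ -z "$bundle" ] || [ -z "$sub" ] || [ -z "$user" ]; then
            echo "MALFORMED $entry"; rc=1; continue
        fi
        # "admin" is a rep:User, not a rep:SystemUser, so AEM6.1 rejects it.
        if [ "$user" = "admin" ]; then
            echo "ADMIN_MAPPED $entry"; rc=1; continue
        fi
        echo "OK $entry"
    done
    return $rc
}

# Constructed sample entries; com.example.core is a hypothetical bundle.
lint_user_mapping <<'EOF' || echo "review the flagged entries"
com.example.core:testService=testUser
com.example.core:testService=admin
com.example.core=testUser
EOF
```

The linter only checks the entry text; whether the mapped user really is a rep:SystemUser still has to be confirmed in CRXDE Lite as described in Q6.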

Happy Coding.
Namah Shivay

Monday, 27 July 2015

Secure Apache from Clickjacking

In this post, I will explain an important Apache2 configuration that is used to stop clickjacking. I got to know about clickjacking when I was working with the security checklist in AEM.
Q1. What is clickjacking?
Clickjacking, also known as a “UI redress attack”, is when an attacker uses multiple transparent or opaque layers to trick a user into clicking on a button or link to another page when they were intending to click on the top level page. Thus, the attacker is “hijacking” clicks meant for their page and routing them to another page, most likely owned by another application, domain, or both. If it is still not clear to you then I am attaching a video URL that will explain it in a much better way.
Q2. How to stop clickjacking in the AEM using Apache2 Server?
There is a response header named X-Frame-Options. By configuring Apache to send this header, you can stop clickjacking.
Q3. What is the syntax of this configuration?
Header set X-Frame-Options: "sameorigin"

Q4. Where do we find this configuration?
In Apache2.4 you have a security.conf file in the conf-available directory. In this file, search for X-Frame-Options; it is already present there but commented out by default. Now you have two options.
  1. Uncomment this setting and restart your Apache2 server.
  2. Copy and paste this setting into apache2.conf, uncomment it, and restart your Apache server.
In my case, I copied and pasted this setting into the apache2.conf file, uncommented it and restarted my Apache2 server.

Q5. Apache Server is throwing error when restarting after this configuration?
You may get an error when starting the Apache2 server after adding this configuration. The reason is that this configuration requires the headers module to be enabled, and it is disabled by default. So enable the headers module and your Apache server will start running successfully.

Q6. How to enable the headers module in Apache2 server?
For enabling this module you have a headers.load file present in the mods-available directory of your Apache2 server. In my case, it is present at /etc/apache2/mods-available. Just do one thing: create a soft link to it in your mods-enabled folder. If you are an Ubuntu user, execute this command-
Now you will see this soft link in your mods-enabled folder. Restart your Apache2 server.
Q7. How to check whether it’s working or not?
After restarting your Apache2 server, just hit a non-cached page via the Apache2 server. Open the debugger and check the response headers. You will see the X-Frame-Options header field, as shown below

If you get this option on your page it means your configuration is working.
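
The checks from Q4 to Q7 can be scripted so that a commented-out directive or a disabled headers module is caught before the restart. This is an added example, not part of the original post: the function names are illustrative, the sample response is constructed, and it assumes the Debian/Ubuntu layout, where a file in conf-available only takes effect once it is linked into conf-enabled.

```shell
#!/bin/sh
# Added example (not from the original post). Assumes the Debian/Ubuntu
# Apache2 layout: <root>/apache2.conf, <root>/conf-enabled/*.conf and
# <root>/mods-enabled/headers.load. Function names are illustrative.

# Audit the configuration on disk.
# Prints OK, NO_DIRECTIVE or HEADERS_MODULE_DISABLED.
audit_xfo_config() {
    root=${1:-/etc/apache2}
    found=no
    for f in "$root/apache2.conf" "$root"/conf-enabled/*.conf; do
        [ -f "$f" ] || continue
        # Active directive only: a leading '#' (the default) does not match.
        if grep -Eiq '^[[:space:]]*Header[[:space:]].*X-Frame-Options' "$f"; then
            found=yes
        fi
    done
    if [ "$found" = no ]; then echo NO_DIRECTIVE; return 1; fi
    # Header needs the headers module; without it Apache fails to start.
    if [ ! -e "$root/mods-enabled/headers.load" ]; then
        echo HEADERS_MODULE_DISABLED; return 1
    fi
    echo OK
}

# Check raw response headers read from stdin (the Q7 check, automated).
# Prints PROTECTED, MISSING or UNEXPECTED:<value>.
check_xfo_response() {
    value=$(tr -d '\r' | awk -F': *' 'tolower($1) == "x-frame-options" {
        v = tolower($2); sub(/[ \t]+$/, "", v); print v; exit }')
    case "$value" in
        deny|sameorigin) echo PROTECTED ;;
        "") echo MISSING; return 1 ;;
        *) echo "UNEXPECTED:$value"; return 1 ;;
    esac
}

# Constructed response headers, as a debugger or curl -I would show them.
printf 'HTTP/1.1 200 OK\r\nX-Frame-Options: SAMEORIGIN\r\n\r\n' | check_xfo_response
```

Run audit_xfo_config with no argument to check /etc/apache2, and pipe the headers of a non-cached page into check_xfo_response to confirm what the server actually sends.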

Happy Coding
Namah Shivay