Without writing a SlingServlet, we can simply code a JSP file using CRXDE Lite, and have the java code on the JSP page to be invoked. The example is to have a JSP to be invoked from the web. Its responsibility is to clear Dispatcher cache via curl command behind the scene. To invoke the JSP deployed on the Author node:
To poke a hole, you need:
- to give read access to 'everyone' group for accessing the node that you have the jsp code, and
- to give read access to 'everyone' group for accessing any other node(s) that you referenced by the jsp code, and
- config 'Apache Sling Authentication Service' so that access to the jsp node won't trigger authentication.
Give read access to 'everyone' group for the JSP node and other nodes:
- search for 'everyone'
- double-click on 'everyone' group
- click on 'permissions' tab of 'everyone' group
- navigate to the folder(s) and check 'read'
Config 'Apache Sling Authentication Service' so that access to the node won't trigger authentication:
- Find and click on 'Apache Sling Authentication Service'
- In 'Authentication Requirements' field, add '-' followed by the relative path you'd like authentication be disabled for. e.g. '-/apps/tools/dispatcher/invalidate'