From Passion to Profession
  • Home
  • Notes
  • Projects
  • Resources
    • Discovery Log
    • Books I Read
    • Blogs I Visit
    • Tools I Use
  • Home
  • Notes
  • Projects
  • Resources
    • Discovery Log
    • Books I Read
    • Blogs I Visit
    • Tools I Use

Expose API on a CQ Author Node

1/22/2014

0 Comments

 
Picture
In CQ, let's say we want to expose some sort of REST API for our internal clients, but don't want these API's accessible by the public. For example, say we'd like the said JSP to be available internally (inside firewall), and to be invoked via the web. The API's responsibility is to clear Dispatcher cache via curl command behind the scene.

Approach

Make the service API available on the Author node (not the Publish node). If your Author node resides inside a firewall, then only internal clients have access to. Instead of coding SlingServlet (see references) in CQ, we can choose to code JSP and have it been accessed through the standard sling URL decomposition. Sling then looks for a special property on that node named "sling:resourceType", then Sling will look under /apps (then /lib) to find a script according to the value of "sling:resouorceType".

Without writing a SlingServlet, we can simply code a JSP file using CRXDE Lite, and have the java code on the JSP page to be invoked. The example is to have a JSP to be invoked from the web. Its responsibility is to clear Dispatcher cache via curl command behind the scene. To invoke the JSP deployed on the Author node: 
http://localhost:4502/apps/company/tools/dispatcher/invalidate?url=http://dictionary.company.com/definition/master-validity.html
However, for accessibility on Author node, you must remember to poke a hole on the Author node so accessing the above said API (JSP) won't require username and password credential. Also, for security concern, remember not to replicate such .jsp node to your Publish node unless it's necessary.

To poke a hole, you need: 
  1. to give read access to 'everyone' group for accessing the node that you have the jsp code, and 
  2. to give read access to 'everyone' group for accessing any other node(s) that you referenced by the jsp code, and
  3. config 'Apache Sling Authentication Service' so that access to the jsp node won't trigger authentication.

Give read access to 'everyone' group for the JSP node and other nodes:
  1. http://localhost:4502/useradmin
  2. search for 'everyone'
  3. double-click on 'everyone' group
  4. click on 'permissions' tab of 'everyone' group
  5. navigate to the folder(s) and check 'read'
  6. save

Config 'Apache Sling Authentication Service' so that access to the node won't trigger authentication:
  1. http://localhost:4502/system/console/configMgr
  2. Find and click on 'Apache Sling Authentication Service'
  3. In 'Authentication Requirements' field, add '-' followed by the relative path you'd like authentication be disabled for. e.g. '-/apps/tools/dispatcher/invalidate'
  4. Save

references

  • Configuring Anonymous access for Sling Servlet
  • CQ Tips and Tricks #1 – How to define a SlingServlet [CQ5.5-5.6]
  • How to write a custom SlingServlet
0 Comments



Leave a Reply.

    Categories

    All
    Algorithm
    Concurrency
    CQ
    Data Structure
    Design Pattern
    Developer Tool
    Dynamic Programming
    Entrepreneur
    Functional Programming
    IDE
    Java
    JMX
    Marketing
    Marklogic
    Memory
    OSGI
    Performance
    Product
    Product Management
    Security
    Services
    Sling
    Social Media Programming
    Software Development

    Feed Widget

    Archives

    May 2020
    March 2020
    April 2018
    March 2018
    February 2018
    December 2017
    March 2017
    November 2016
    June 2016
    May 2016
    April 2016
    October 2015
    September 2015
    August 2015
    September 2014
    July 2014
    June 2014
    May 2014
    March 2014
    January 2014
    December 2013
    November 2013
    October 2013
    September 2013
    August 2013
    July 2013
    June 2013

    RSS Feed

in loving memory of my mother  and my 4th aunt
Photos from net_efekt, schani, visnup, Dan Zen, gadl, bobbigmac, Susana López-Urrutia, jwalsh, Philippe Put, michael pollak, oskay, Creative Tools, Violentz, Kyknoord, mobilyazilar