4 Replies Latest reply on Mar 18, 2013 3:35 AM by tyge68

    Authenticate CQ user in Java Servlet

    ko Leung

      Hi

       

      I am currently building a java servlet under /apps/project_01/src/main/java/serviet/SampleServlet.java

       

      I need the servlet to be accessed only by CQ user.

       

      Is it possible perform user authenticationin a java servlet?

       

      Thanks

        • 1. Re: Authenticate CQ user in Java Servlet
          Yogesh Upadhyay Level 4

          Use permission sensitive caching for this path.

           

          http://helpx.adobe.com/cq/kb/PSCachingDelivery.html

           

          Yogesh

          • 2. Re: Authenticate CQ user in Java Servlet
            Sham HC Level 7

            Hi ko Leung,

             

            What is your use case?

             

            Thanks,

            Sham

            • 3. Re: Authenticate CQ user in Java Servlet
              ko Leung Level 1

              Hi Sham

               

              I want to customize the GridPanel on CQ5 > Campaigns > List page. 

               

              I have created a servlet so instead of calling Json, it uses a servlet to return a json array.

               

              config = CQ.Util.applyDefaults(config, {

                          "autoScroll": true,

                          "flex": 1,

                          "border": false,

                          "cls": "cq-security-grid",

                          //"storeProxyUrl": "/libs/cq/security/content/authorizableSearch.json",

                          "storeProxyUrl": "/TestServlet",

                          //"storeProxyUrl": "/UserRightTree",

                          "storeReaderTotalProperty": "results",

                          "storeReaderRoot": "authorizables",

                          "storeReaderId": "home",

                          "storeBaseParams": {

                              "props": config.storeReaderFields.join(","),

                              "ml": 2000 // membersLimit

                          },

               

              Are there any way that only authorised user albe to open the servlet?

               

              Thanks,

              Ko Leung

              • 4. Re: Authenticate CQ user in Java Servlet
                tyge68

                Generally in Apache Sling if the request is not authenticated then the user is anonymous (you can get the user information from the sling request object then call for example getUserPrincipal)

                if you have to check more then you can also adapt the resource resolver usually or resource to the object you need related to authorizable and so get more information which can help your servlet to define if the request should be handled or not.