AEM ResourceResolverFactory null in HTL component java class - aem

I have a HTL component class like
MyComponent extends WCMUser{
#Reference
private ResourceResolverFactory resourceResolverFactory;
But when i am trying to use it i am getting NullPointerException on same.
I even tried using #Service & #Component SCR tags but no help.

You cannot use #Reference or other annotations with your Java Use API since it is not treated as an OSGi service. Instead use the getSlingScriptHelper() to get the SlingScriptHelper object which can then be used to get the services.
public MyComponent extends WCMUsePojo {
public void activate() {
getSlingScriptHelper().getService(<<SomeService.class>>);
}
}
However if it is only the ResourceResolver that you need you can call the getResourceResolver() method available within WCMUsePojo class.
More information on Java Use-API can be found in this official doc.

Got it, so i can create another service, get ResourceResolverFactory there. Once there i can use ResourceResolverFactory in this service or pass it to WCMUse class.

Related

QueryBuilder service is returning null object in CQ5/AEM

Hi I am trying to consume QueryBuilder service in other OSGI bundle in CQ5. But the queryBuilder object is returning null value. Can i get suggestion to consume it properly?
#Reference
private QueryBuilder queryBuilder;
#Reference annotation will work only if you are specifying it in an OSGI Service. Can you confirm that its a class with #Service and #Component annotation on it?
//This is a component so it can provide or consume services
#Component
#Service
public class SearchServiceImpl implements SearchService {
/** Default log. */
protected final Logger log = LoggerFactory.getLogger(this.getClass());
private Session session;
//Inject a Sling ResourceResolverFactory
#Reference
private ResourceResolverFactory resolverFactory;
#Reference
private QueryBuilder builder;
//---- Rest of your code
}
Refer to the implementation here.
Also if you are using #Component annotation on your class, you could goto /system/console/components and search for your class and look at the details, it will tell you if the dependencies are getting resolved and state of service.

Using an interceptor with Tapestry Resteasy

I have a resource class and I'd like to be able to check an authentication token before the resource method is called, thus avoiding having to pass the token directly into the Resource method.
I have added the following to web.xml:
<context-param>
<param-name>resteasy.providers</param-name>
<param-value>com.michael.services.interceptors.AuthorisationInterceptorImpl</param-value>
</context-param>
My interceptor is implemented as follows:
#Provider
public class AuthorisationInterceptorImpl implements javax.ws.rs.container.ContainerRequestFilter {
#Inject
private ApiAuthenticationService apiAuthenticationService
#Override
public void filter(ContainerRequestContext requestContext) {
//Code to verify token
}
}
The filter method is being called before the methods in my resource class; however, the apiAuthenticationService is not being injected and is null when I attempt to call its methods.
I'm using Tapestry 5.3.7, Tapestry-Resteasy 0.3.2 and Resteasy 2.3.4.Final.
Can this be done ?
I don't think this will work, based on a quick glance at the tapestry-resteasy code.
The #Inject annotation is part of tapestry-ioc; if a class is not instantiated by Tapestry, the #Inject annotation is not honored.
Filters defined in web.xml are instantiated by the servlet container (Jetty, Tomcat, etc.) which do not have any special knowledge of Tapestry and Tapestry annotations.
I think you will be better off contributing a filter into Tapestry's HttpServletRequestHandler or RequestHandler pipelines (see their JavaDoc). I'm not sure how you can gain access to the ContainerRequestContext, however.
With tapestry-resteasy you don't need to define the provider in the web.xml file.
If you want to use Tapestry's autobuild mechanism just move your provider to the .rest package together with your resources.
If don't want to use autodiscovery/autobuild just contribute it to javax.ws.rs.core.Application
#Contribute(javax.ws.rs.core.Application.class)
public static void configureRestProviders(Configuration<Object> singletons, AuthorisationInterceptor authorisationInterceptor)
{
singletons.add(authorisationInterceptor);
}
Even though you can use rest providers for security is probably a good idea to take Howard's advice and implement your own filter in the tapestry pipeline.
BTW, you can also give tapestry-security a try :)

How to do XSS escaping on input coming into Restlet web service

I have a GWT web application using Restlet.
It has #Post annotated service methods that take a bean and perform some logic on it.
I want to XML-escape the data in these beans.
For example, say I have the following:
public class MyService extends ServerResource {
#Post
public DataBean performLogic(DataBean bean) {
...
}
}
public class DataBean {
String data;
}
Is there a way I could XML-escape DataBean.data after it's serialized but before it is sent to MyService.performLogic()?
You can override the doInit() method, this may allow you do do what you need; but will occur before any calls to your #Post #Get method in your ServerResource.
Alternatively if you need it more widely you may want to look at adding a Filter into your Command Chain and overriding the beforeHandle() method there.

Serialization Exception while making an RPC call

I have created a very basic application. I have only one service class and a corresponding Async class which contains only Java types and no custom classes. But still I get the serialization exception.
My service class looks like this.
public interface MyService extends RemoteService {
public String getName();
public Object getAdditionalDetials(ArrayList<String> ids);
public Date getJoiningDate();
}
My async interface looks like this
public interface MyServiceAsync {
public void getName(AsyncCallback<String> callback);
public void getAdditionalDetials(ArrayList<String> ids, AsyncCallback<Object> callback);
public void getJoiningDate(AsyncCallback<Date> callback);
}
I know I am making some stupid mistake.
I am Naive in gwt rpc and serialization mechanism, but will try to answer your question.
Whenever you write classes involving an RPC, GWT creates a Serialization Policy File. The serialization policy file contains a whitelist of allowed types which may be serialized.
In your Service methods, all the types you mention and refer will be automatically added to this list if they implements IsSerializable. In your case you have used the following two methods,
public String getName();
public Date getJoiningDate();
Here you have used String and Date as your return types and hence it is added to your Serialization Policy File. But in the below method their lies a problem,
public Object getAdditionalDetials(Arraylist<String> ids);
Here you have used ArrayList and String that is not a problem and they will be added to your whitelist, but the problem is you have mentioned return type as Object. Here GWT Compiler does not know what type to be added to whitelist or Serialization Policy and hence it wont pass your RPC call. The solution is use mention a class which implements IsSerializable instead of mentioning the return type of type Object.
FWIW, I was having this problem but my 'Object' type was hidden behind generified classes.
So if one of your rpc methods involves a class:
class Xxx<T> implements IsSerializable {...
It needs to change to:
class Xxx<T extends IsSerializable> implements IsSerializable {...

Serialize aspectj method in GWT

I've try to expose to the client(gwt) an aspectJ method through gwt-rpc, but the gwt client can't find the method defined in an aspect. The class that i expose implements IsSerializable and only it's method are visible to the client interface...the method added by their aspect contrariwise no. How i can fix this? thanks in advice.
p.s. i post a little example for more clarity:
this is the class...
public class Example implements IsSerializable{
private String name;
public setName(String name){
this.name=name
}
}
and this is the aspect...
privileged aspect Example_x{
public int Example.getVersion() {
return this.version;
}
}
The Example.getVersion() method is unavailable on the client side.
TNX
This won't work, as GWT needs access to the source of any Java class that is exposed to the client side. This is necessary to compile them from Java to Javascript. If you modify your classes using AspectJ, the added methods will not be visible to the GWT compiler and therefore not to the client.
I'd say AspectJ is simply the wrong tool for this task. If you want to add some methods to existing classes you could write a (possibly generic) container class that contains an instance of Example as well as the version information from Example_x.