0
votes

I am following this article to to automate uploading multiple images in AEM 6.1.

https://helpx.adobe.com/experience-manager/using/multiple-digital-assets.html

At following line of writeToClientLib method of HandleFile.java, it throws NullPointerException when I try to upload images using client.

ResourceResolver resourceResolver = resolverFactory.getAdministrativeResourceResolver(null);
1
Actually you should not need a resolver from a factory. You have a request which gives you via getResourceResolver() the resolver with the appropriate user permissions. That should be all you need. - cwoeltge
How do you get a reference to the resolverFactory? - Robert Munteanu
@cwoeltge I tried using req.getResourceResolver(); on HttpServletRequest, It gives 'root not accessible' error message, unless I enable 'anonymous' access on the root using http://<localhost>:<port>/useradmin. Once it is enabled, I am able to upload files. - V. Patel
Having to enable anonymous access seems to indicate that the incoming request is not authenticated. You should fix that instead of using an administrative resolver which effectively bypasses all access control. - Bertrand Delacretaz
It looks like that example is using httpclient 4.x, you should be able to set the credentials as done with the PreemptiveAuthInterceptor in the github.com/apache/sling/tree/trunk/testing/tools module. - Bertrand Delacretaz

1 Answers

0
votes

Not sure what exactly is happening in your case (a stack trace would make it more readable). I'd expect a LoginException in this situation.

Anyway, you shouldn't be using the getAdministrativeResourceResolver method. It has been deprecated.

as of 2.4 (bundle version 2.5.0) because of inherent security issues. Services requiring specific permissions should use the getServiceResourceResolver(Map) instead.

and further on:

NOTE: This method is intended for use by infrastructure bundles to access the repository and provide general services. This method MUST not be used to handle client requests of whatever kinds. To handle client requests a regular authenticated resource resolver retrieved through getResourceResolver(Map) must be used.

Whatever problem you have might just disappear if you follow the advice from the Javadoc and implement this in a secure way.