Home Redirecting all 403 forbidden request to 404 page in aem
Reply: 2

Redirecting all 403 forbidden request to 404 page in aem

Junaid Zubair
Junaid Zubair Published in 2017-12-03 08:18:22Z

I am trying to redirect all forbidden request to 404 'not found' page. Url I am trying to access. http://localhost:4503/content/mysite/home.html (it is working fine). But when I try to access, http://localhost:4503/content/mysite (it is forbidden here). My site is developed in adobe experience manager and I don't see any config/setting related with redirecting. So, I have to do something on web server which is Apache here. And I am not pretty much familiar with Apache and creating rules in it. I would like to ask if there is anything that redirect any forbidden request to 404 not found page.

Ankur Vashisht
Ankur Vashisht Reply to 2017-12-03 14:00:30Z

You can apply a simple rule in dispatcher using /filter section to specify the HTTP requests that Dispatcher accepts. All other requests are sent back to the web server with a 404 error code.

In your case, it could be something like.

/filter {
    /0001  { /glob "*" /type "deny" }
    /0002 { /type "allow" /method "POST" /url "/content/mysite/[.]*.html" }

This will first deny access to all files and then allow access to specific content, which *.html pages under /mysite in this case.

Abhishek Reply to 2017-12-04 22:13:33Z

There are different options that you can try.

  1. If the intent is to display some friendly message instead of the default forbidden message, you can define your own 403 error handler in AEM. Overlay the 403.jsp at /apps/sling/servlet/errorhandler/ and add your custom html for displaying a relevant error message. HTTP response status code would still be 403 in this case. Examples can be found in this Adobe's blog. https://helpx.adobe.com/experience-manager/6-3/sites/developing/using/customizing-errorhandler-pages.html
  2. If you do not want the 403 HTTP status code in the response, you can try to override the status code in the aforementioned 403.jsp. In the JSP code, if the response is not already committed, you can use HttpServletResponse.setStatus API to set the 404 status code. If the response is already committed, this would not work as described in this Sling blog https://sling.apache.org/documentation/the-sling-engine/errorhandling.html
  3. You can override it in the webserver using mod_rewrite or PHP. This SO question shows the options to achieve this.
You need to login account before you can post.

About| Privacy statement| Terms of Service| Advertising| Contact us| Help| Sitemap|
Processed in 0.318237 second(s) , Gzip On .

© 2016 Powered by mzan.com design MATCHINFO