Upgrade 14.2.1 to 14.2.2

Introduction

Goal

Upgrade a Bloomreach Experience Manager implementation project from version 14.2.1 to 14.2.2.

Relevant Changes

Changed Default Behavior SecureCmsResourceServlet

Experience manager resources such as Javascript, CSS, and font files are served from JAR files by the SecureCmsResourceServlet. In Bloomreach Experience Manager 14.2.1 and earlier, the SecureCmsResourceServlet only served such resources to authenticated CMS users. This could lead to issues with external frontend applications which would not be able to access these resources needed for channel editing integration.

To prevent such issues, as of version 14.2.2, the SecureCmsResourceServlet by default does not require an authenticated CMS session anymore to serve Experience manager resources from JAR files.

This change is fully transparent and backward-compatible. In most implementation projects, there will be no unwanted side-effects and no action is required.

However, if necessary or desired, it is possible to revert to the previous default behavior by configuring the cmsSecure init-param on the SecureCmsResourceServlet in the CMS webapp's web.xml. For example:

<servlet>
  <servlet-name>ServletName</servlet-name>
  <servlet-class>org.onehippo.cms7.utilities.servlet.SecureCmsResourceServlet</servlet-class>;
  <init-param>
    <param-name>cmsSecure</param-name>
    <param-value>true</param-value>
  </init-param>
  <!-- additional init-params here /-->
</servlet>
Did you find this page helpful?
How could this documentation serve you better?
On this page
    Did you find this page helpful?
    How could this documentation serve you better?