April 27, 2020
Estimated Post Reading Time ~

Updating the Salesforce Connector jar(cq-mcm-salesforce) to support Proxy server and TLS 1.1 - Adobe CQ5/AEM

Steps to update Salesforce Connector jar(cq-mcm-salesforce) to support Proxy server and TLS 1.1

The AEM Salesforce connector is not supporting the Proxy Server and TLS 1.1 or TLS 1.2 versions:

This is the defect with AEM Salesforce Connector, the connector will not be able to connect to Salesforce server behind the proxy server. The SalesforceClient.java class in the connector should be changed to enable the proxy server.

The connector will not be able to connect to Salesforce server if the Adobe Experience Manager(AEM) server is running with Java version less than 1.8, Java versions less than 1.8 will not support TLS 1.1 or higher version by default but Salesforce expect TLS 1.1 or TLS 1.2 to establish the connectivity. The SalesforceClient.java class in the connector should be changed to support the TLS 1.1 or TLS 1.2, if the AEM server is running with Java version less than 1.8

I have tested this in Adobe Experience Manager(AEM) 6.1 version, this should be the same case with 6.2 also. Raise an issue with Adobe to get the hot-fix until the issue is permanently fixed.

The below is the quick fix to resolve the issue.

Download the /libs/mcm/salesforce/install/cq-mcm-salesforce-1.2.8.jar through package manager

Create a sample project - mvn org.apache.maven.plugins:maven-archetype-plugin:2.4:generate -DarchetypeGroupId=com.adobe.granite.archetypes -DarchetypeArtifactId=aem-project-archetype -DarchetypeVersion=10 -DarchetypeCatalog=https://repo.adobe.com/nexus/content/groups/public/

groupId=com.day.cq.mcm
artifactId=cq-mcm-salesforce
version=1.2.8
package=com.adobe.cq.mcm.salesforce
Enter mcm for other values

Execute mvn eclipse:eclipse command in the parent folder of the project and load the project to eclipse

Extract the downloaded jar file and decompile the class files using JAD
Create all the java classes manually in core project with same package details and copy the content from decompiled classes
Replace the pom.xml of core project with the pom.xml content from the decompiled jar



Modify SalesforceClient.java in eclipse to support Proxy Server and TLS versions:
Replace HttpClient client = HttpClients.createDefault(); in doExecuteGetRequest and doExecuteDataRequest methods with below lines of code

SSLContext sslContext=null;
try {
sslContext = SSLContexts.custom().useTLS().build();
} catch (Exception e) {
this.logger.error(e.getMessage());
}
//Allow TLSv1.1 and TLSv1.2 protocols only
SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(
sslContext,
new String[] { "TLSv1.1", "TLSv1.2" },
null,SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
HttpClient client = HttpClients.custom().setSSLSocketFactory(sslsf).build();

Add the below lines of code in both doExecuteGetRequest and doExecuteDataRequest after the definition of method variable
HttpHost proxy = new HttpHost("proxy host",80);
RequestConfig config = RequestConfig.custom().setProxy(proxy).build();
method.setConfig(config);

Clean the eclipse project to compile the Java classes, replace SalesforceClient.class file in the extracted folder with the class file from eclipse project.

Update the META-INF\MAIFEST.MF file in the extracted folder to include the new required packages as part of Import-Package:

org.apache.http.client.config;version="[4.3,5)",org.apache.http.conn.ssl;version="[4.3,5)",org.apache.http.conn.socket;version="[4.3,5)"



Bundle the extracted folder as Jar(with updated SalesforeClient.class and MANIFEST.MF files) - jar cvfm cq-mcm-salesforce-1.2.8.jar META-INF/MANIFEST.MF OSGI-INF com



Install the bundle - curl -u admin:admin -F action=install -F bundlestartlevel=20 -F bundlefile=@"/jar/cq-mcm-salesforce-1.2.8.jar" http://localhost:4502/system/console/bundles


By aem4beginner

No comments:

Post a Comment

If you have any doubts or questions, please let us know.