Upgrade 14.2.1 to 14.2.2
Upgrade a Bloomreach Experience Manager implementation project from version 14.2.1 to 14.2.2.
Changed Default Behavior SecureCmsResourceServlet
To prevent such issues, as of version 14.2.2, the SecureCmsResourceServlet by default does not require an authenticated CMS session anymore to serve Experience manager resources from JAR files.
This change is fully transparent and backward-compatible. In most implementation projects, there will be no unwanted side-effects and no action is required.
However, if necessary or desired, it is possible to revert to the previous default behavior by configuring the cmsSecure init-param on the SecureCmsResourceServlet in the CMS webapp's web.xml. For example:
<servlet> <servlet-name>ServletName</servlet-name> <servlet-class>org.onehippo.cms7.utilities.servlet.SecureCmsResourceServlet</servlet-class>; <init-param> <param-name>cmsSecure</param-name> <param-value>true</param-value> </init-param> <!-- additional init-params here /--> </servlet>