Level 2

Solved

While creating user programatically in AEM it is giving javax.jcr.AccessDeniedException: Access denied.

Forum|Forum|3 years ago
January 19, 2023
5 replies
2957 views

Hi All,

Can anyone please help me when I am craeting the user programatically it is giving me the javax.jcr.AccessDeniedException: Access denied.

Thanks,

Pavan

This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.

Best answer by Nitin_laad

Hi @mandapavankumar you can try below sample code, assuming system user is having all required permission in publish environment -

 @Activate
    public void createLocalUser() {
        try {
            Map<String, Object> param = new HashMap<>();
            param.put(ResourceResolverFactory.SUBSERVICE, "system-user");
            ResourceResolver resolver = resolverFactory.getServiceResourceResolver(param);
            UserManager userManager = resolver.adaptTo(UserManager.class);
            Authorizable user = userManager.createUser("newlocaluser", "password");
            user.setProperty("firstName", "test");
            user.setProperty("lastName", "user");
            user.addGroup("group1");
            userManager.updateUser(user);
            LOG.info("Local user newlocaluser created successfully.");
            resolver.close();
        } catch (LoginException | RepositoryException e) {
            LOG.error("Error creating local user: {}", e.getMessage());
        }

Umesh_Thakur

Community Advisor

did you check the permission of the system user, you are using to save the user node.?

Please verify that.

MandaPavanKumarAuthor

Level 2

Yes I ahve verified the permissions to the system user and that user is having enough permissions to create user

Siva_Sogalapalli

Community Advisor

Below is the sample code to create user:

Map<String, Object> param = new HashMap<String, Object>();

param.put(ResourceResolverFactory.SUBSERVICE, "service-userid");

ResourceResolver resolver = resourceFact.getServiceResourceResolver(param);

org.apache.jackrabbit.api.security.user.UserManager userManager = resolver.adaptTo(org.apache.jackrabbit.api.security.user.UserManager.class);
if(userManager == null)
{
    log.error("userManager == null!");
    return;
}else {
    String username = "mytestuser";
    String password = "password";
    org.apache.jackrabbit.api.security.user.User user = userManager.createUser(username, password);
}

Note: please make sure system user has permissions to create user.

MandaPavanKumarAuthor

Level 2

Hi Siva,

Can you please correct me that in this line the login is reffering to username right.

 org.apache.jackrabbit.api.security.user.User user = userManager.createUser(login, password);

Thanks,

Pavan

Siva_Sogalapalli

Community Advisor

yes, you're right, it was typo mistake, corrected it.

Kiran_Vedantam

Community Advisor

Hi @mandapavankumar

Please check similar query with the solution here:: https://experienceleaguecommunities.adobe.com/t5/adobe-experience-manager/programmatic-user-creation-in-aem/m-p/191683

Hope this helps!

Thanks,
Kiran Vedantam.

MandaPavanKumarAuthor

Level 2

I followed the same implementation still it is showing access denied

Nitin_laad

Accepted solution

Community Advisor

Hi @mandapavankumar you can try below sample code, assuming system user is having all required permission in publish environment -

 @Activate
    public void createLocalUser() {
        try {
            Map<String, Object> param = new HashMap<>();
            param.put(ResourceResolverFactory.SUBSERVICE, "system-user");
            ResourceResolver resolver = resolverFactory.getServiceResourceResolver(param);
            UserManager userManager = resolver.adaptTo(UserManager.class);
            Authorizable user = userManager.createUser("newlocaluser", "password");
            user.setProperty("firstName", "test");
            user.setProperty("lastName", "user");
            user.addGroup("group1");
            userManager.updateUser(user);
            LOG.info("Local user newlocaluser created successfully.");
            resolver.close();
        } catch (LoginException | RepositoryException e) {
            LOG.error("Error creating local user: {}", e.getMessage());
        }

MandaPavanKumarAuthor

Level 2

Hi Nitin,

Let me try it and will you know if I face any issue.

Thanks,

Pavan

Shivam153

Level 3

You can use repository initialization concept here.

https://sling.apache.org/documentation/bundles/repository-initialization.html

Hope it will work!

Thanks!

MandaPavanKumarAuthor

Level 2

Hi Shivam,

Correct me if I am wrong that when the site was published at dispatcher level. And now if we try to create the user at AEM end is it possible ? can you please hlpe me on this.

Thanks,

Pavan

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded