Expand my Community achievements bar.

SOLVED

AEM User Access Control: Groups and Permissions in Access Control Entries (ACEs)

Avatar

Level 2
Level 2
9/22/22 12:32:40 PM

What each of the Access Control Entries (ACEs) mean and what they are good for?  Where can I find a cheat sheet from Adobe to indicate what each of the ACE items such as: such as: /apps ; /conf ; /content ; /etc ; /home ; /libs ; /mnt ; /system ; /tmp ; var   are good for and what permission they control.  Does anyone have the OOTB best practices of how to give permissions and select groups for different roles. 

 

For example, I am not sure which one of those controls the drag and drop functionality, which one controls the filtering, which one controls the top navigation menu, etc.

Views

428

Replies

1
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Employee
Employee
9/22/22 10:19:57 PM

https://experienceleague.adobe.com/docs/experience-manager-65/administering/security/security.html?l...

 

Usually, you would want to create your project-specific groups as members of OOTB groups mentioned in the above link and then add/remove permissions on top of it.

For what each folder do :- 

https://experienceleaguecommunities.adobe.com/t5/adobe-experience-manager/what-s-the-use-of-tmp-var-...

  • /apps - components (content and pages) , templates,clientlibs
  • /content - site pages , dam assets , XF, TAGS
  • /tmp is for temporary space, which could get recreated on every startup. Do not store data there which should survive a restart.
  • /var: temporary data, which needs to survive a retart
  • /bin: shouldn't be there. Typically created by accident, when you hit some servlet bound to the /bin folder, but the servlet is not registered yet.
  • /conf: That's the place where configuration is stored. Check the documentation of Sling Context-Aware Configuration for it. , templates config, Workflows etc
  • /system: That's for the system, don't mess with it.

View solution in original post

Views

426

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
1 Reply

Avatar

Correct answer by
Employee
Employee
9/22/22 10:19:57 PM

https://experienceleague.adobe.com/docs/experience-manager-65/administering/security/security.html?l...

 

Usually, you would want to create your project-specific groups as members of OOTB groups mentioned in the above link and then add/remove permissions on top of it.

For what each folder do :- 

https://experienceleaguecommunities.adobe.com/t5/adobe-experience-manager/what-s-the-use-of-tmp-var-...

  • /apps - components (content and pages) , templates,clientlibs
  • /content - site pages , dam assets , XF, TAGS
  • /tmp is for temporary space, which could get recreated on every startup. Do not store data there which should survive a restart.
  • /var: temporary data, which needs to survive a retart
  • /bin: shouldn't be there. Typically created by accident, when you hit some servlet bound to the /bin folder, but the servlet is not registered yet.
  • /conf: That's the place where configuration is stored. Check the documentation of Sling Context-Aware Configuration for it. , templates config, Workflows etc
  • /system: That's for the system, don't mess with it.

Views

427

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply