Adobe Experience Manager Forms

aemuser001 · 1:15:19 PM

Hi Everyone,

Currently I have an on-premise AEM 6.5 that is running a bundle in Author instance. This bundle provides the middleware API to communicate with the Adobe templates.

As an admin, I like to avoid adding users in the Administrator's group unless it is absolutely necessary. I like to create a new user group that provides sufficient permissions and access level for the users in the group to perform their task successfully.

1. What steps need to be taken to create this user group?

2. Are there any existing groups in Adobe default setup that can be added to the User Group?

3. Is there any useful documentation on this topic?

Thanks in advance for the response,

Leena

Pulkit_Jain_ · 9:29:15 PM

@aemuser001

AEM uses ACLs to determine what actions a user or group and can take and where it can perform those actions. And accordingly give permissions to the users or groups to access AEM pages or perform a particular task. Here is a document that will provide you elaborate steps to configure and maintain user authorization in AEM - https://experienceleague.adobe.com/docs/experience-manager-65/administering/security/security.html?l...

For your use-case, once you create a group, you may give permissions on particular nodes of the CRX so that the user that is added to the group will be able to perform the task accordingly.

AEM also provides a set of built-in users and groups that you can add to your custom group.

Hope this helps!

원본 게시물의 솔루션 보기

Pulkit_Jain_ · 9:29:15 PM

@aemuser001

AEM uses ACLs to determine what actions a user or group and can take and where it can perform those actions. And accordingly give permissions to the users or groups to access AEM pages or perform a particular task. Here is a document that will provide you elaborate steps to configure and maintain user authorization in AEM - https://experienceleague.adobe.com/docs/experience-manager-65/administering/security/security.html?l...

For your use-case, once you create a group, you may give permissions on particular nodes of the CRX so that the user that is added to the group will be able to perform the task accordingly.

AEM also provides a set of built-in users and groups that you can add to your custom group.

Hope this helps!

Mayank_Gandhi · 10:49:42 PM

@aemuser001 You need to create and use service user for this.

A service user is a JCR user with no password set and a minimal set of privileges that are necessary to perform a specific task. Having no password set means that it will not be possible to login with a service user.

A way to deprecate an administrative session is to replace it with service user sessions. It could also be replaced by multiple sub-service users if needed.

https://experienceleague.adobe.com/docs/experience-manager-64/administering/security/security-servic...