Hello,
I have set up SAML authentication on our server. I would like to protect only a folder of AEM Adaptive Forms. I suspect I can use the Path in the Authentication handler and use the Mixins as described in the documentation for we-retail. This is the first thing that requires feedback.
Secondarily, I need to allow users to View and Submit the form, but not Edit the form. I suspect that I will have AEM automatically provision the user and put them in a group that only has form-users role? Would this protect the form from being edited?
Of course, if I'm going down the wrong path, any additional advice would be great.
Thanks,
Charles
Hey @crich2784
Let me give you a couple of insights:
1. Yes, you can protect specific "paths" of the content tree with SAML, meaning that if you hit those "paths" the authentication will occur. This is achievable through the Adobe Granite SAML 2.0 Authentication Handler configuration, as you mentioned.
2. To protect your forms from being edited, there are a couple of approaches. If you plan to enable SSO on the Publish server, you don't need to worry about it, as the authoring UI is not available there. However, if you plan to enable SSO on the Author server, this should be managed through regular AEM ACLs. In the same Adobe Granite SAML 2.0 Authentication Handler configuration, you can define groups to which users who successfully log in to AEM should be added. This can help ensure that users who are part of that group are not given editable permissions for your forms.
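An added example, not part of the thread or of Adobe's documentation: a sketch of an OSGi configuration for the Adobe Granite SAML 2.0 Authentication Handler that scopes authentication to one forms folder and places provisioned users in a single default group. The file name suffix, the folder path, the IdP URL, the certificate alias, the entity ID, the user ID attribute and the group name `secure-form-viewers` are all assumptions to be replaced with your own values.

```json
// File (assumed name): com.adobe.granite.auth.saml.SamlAuthenticationHandler~forms.cfg.json
// OSGi .cfg.json files accept comments; every value below is a constructed placeholder.
{
  // Only requests under this path are handled by SAML (assumed folder of Adaptive Forms).
  "path": ["/content/forms/af/secure-forms"],

  // Identity provider details (placeholders).
  "idpUrl": "https://idp.example.com/saml2/sso",
  "idpCertAlias": "IDP_CERT_ALIAS_PLACEHOLDER",
  "serviceProviderEntityId": "aem-forms-sp-placeholder",

  // Let AEM create the user on first successful login.
  "createUser": true,
  "userIDAttribute": "uid",

  // Every provisioned user lands in this one group (hypothetical name).
  // Whether members can edit forms is decided by the ACLs granted to this group.
  "defaultGroups": ["secure-form-viewers"],

  // Do not map IdP-supplied group attributes onto AEM groups, so an assertion
  // cannot place a user in a group with broader permissions than intended.
  "addGroupMemberships": false
}
```

After deploying, check the effective permissions of a freshly provisioned test user on the forms folder to confirm the group carries no write or modify privileges.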