Expand my Community achievements bar.

SOLVED

SSO and securing a form

Avatar

Level 7
Level 7
8/11/23 9:52:33 AM

Hello,

 

I have set up SAML authentication on our server.  I would like to protect only a folder of AEM Adaptive Forms.  I suspect I can use the Path in the Authentication handler and use the Mixins as describe in the documentation for we-retail.  This is the first thing that requires feedback.

 

Secondarily, I need to allow users to View and Submit the form, but not Edit the form.  I suspect that I will have AEM automatically provision the user and put them in a group that only has form-users role?  Would this protect the form from being edited?

 

Of course, if I'm going down the wrong path, any additional advice would be great.

 

Thanks,

Charles

Views

314

Replies

1
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Community Advisor
Community Advisor
8/15/23 7:12:28 AM

Hey @crich2784 

 

Let me give you a couple of insights:

1. Yes, you can protect with SAML-specific "paths" of the content tree, meaning that if you hit specific "paths" the Authentication will occur, this is achievable through the Adobe Granite SAML 2.0 Authentication Handler configuration as you mentioned

EstebanBustamante_0-1692108382661.png

2.To protect your forms from being edited, there are a couple of approaches. If you plan to enable SOO on the Publish server, you don't need to worry about it, as the authoring UI is not available there. However, if you plan to enable SOO on the Author server, this should be managed through regular AEM ACLs. In the same Adobe Granite SAML 2.0 Authentication Handler configuration, you can define groups to which users who successfully log in to AEM should be added. This can help ensure that users who are part of that group are not given editable permissions for your forms.

EstebanBustamante_1-1692108588094.png

 

 

 


Esteban Bustamante

View solution in original post

Views

273

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
1 Reply

Avatar

Correct answer by
Community Advisor
Community Advisor
8/15/23 7:12:28 AM

Hey @crich2784 

 

Let me give you a couple of insights:

1. Yes, you can protect with SAML-specific "paths" of the content tree, meaning that if you hit specific "paths" the Authentication will occur, this is achievable through the Adobe Granite SAML 2.0 Authentication Handler configuration as you mentioned

EstebanBustamante_0-1692108382661.png

2.To protect your forms from being edited, there are a couple of approaches. If you plan to enable SOO on the Publish server, you don't need to worry about it, as the authoring UI is not available there. However, if you plan to enable SOO on the Author server, this should be managed through regular AEM ACLs. In the same Adobe Granite SAML 2.0 Authentication Handler configuration, you can define groups to which users who successfully log in to AEM should be added. This can help ensure that users who are part of that group are not given editable permissions for your forms.

EstebanBustamante_1-1692108588094.png

 

 

 


Esteban Bustamante

Views

274

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
Related Conversations
script to clear a signature Solved

Views

67

Likes

0

Replies

1
AEM Forms: how to send email as HTML content type? Solved

Views

181

Likes

0

Replies

2
How to preview a Headless adaptive AEM Form using a React app Solved

Views

238

Likes

0

Replies

5
How to perform multiple actions on an adaptive form submission Solved

Views

194

Likes

0

Replies

4
Where is Adaptive Form Data is Stored in CRX Solved

Views

217

Likes

0

Replies

5