Expand my Community achievements bar.

Adobe Summit is live! Tune in to take part in the premier digital experience event.
Join now
SOLVED

SSO and securing a form

Avatar

Level 7
Level 7
8/11/23 9:52:33 AM

Hello,

 

I have set up SAML authentication on our server.  I would like to protect only a folder of AEM Adaptive Forms.  I suspect I can use the Path in the Authentication handler and use the Mixins as describe in the documentation for we-retail.  This is the first thing that requires feedback.

 

Secondarily, I need to allow users to View and Submit the form, but not Edit the form.  I suspect that I will have AEM automatically provision the user and put them in a group that only has form-users role?  Would this protect the form from being edited?

 

Of course, if I'm going down the wrong path, any additional advice would be great.

 

Thanks,

Charles

Views

500

Replies

1
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Community Advisor
Community Advisor
8/15/23 7:12:28 AM

Hey @crich2784 

 

Let me give you a couple of insights:

1. Yes, you can protect with SAML-specific "paths" of the content tree, meaning that if you hit specific "paths" the Authentication will occur, this is achievable through the Adobe Granite SAML 2.0 Authentication Handler configuration as you mentioned

EstebanBustamante_0-1692108382661.png

2.To protect your forms from being edited, there are a couple of approaches. If you plan to enable SOO on the Publish server, you don't need to worry about it, as the authoring UI is not available there. However, if you plan to enable SOO on the Author server, this should be managed through regular AEM ACLs. In the same Adobe Granite SAML 2.0 Authentication Handler configuration, you can define groups to which users who successfully log in to AEM should be added. This can help ensure that users who are part of that group are not given editable permissions for your forms.

EstebanBustamante_1-1692108588094.png

 

 

 


Esteban Bustamante

View solution in original post

Views

459

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
1 Reply

Avatar

Correct answer by
Community Advisor
Community Advisor
8/15/23 7:12:28 AM

Hey @crich2784 

 

Let me give you a couple of insights:

1. Yes, you can protect with SAML-specific "paths" of the content tree, meaning that if you hit specific "paths" the Authentication will occur, this is achievable through the Adobe Granite SAML 2.0 Authentication Handler configuration as you mentioned

EstebanBustamante_0-1692108382661.png

2.To protect your forms from being edited, there are a couple of approaches. If you plan to enable SOO on the Publish server, you don't need to worry about it, as the authoring UI is not available there. However, if you plan to enable SOO on the Author server, this should be managed through regular AEM ACLs. In the same Adobe Granite SAML 2.0 Authentication Handler configuration, you can define groups to which users who successfully log in to AEM should be added. This can help ensure that users who are part of that group are not given editable permissions for your forms.

EstebanBustamante_1-1692108588094.png

 

 

 


Esteban Bustamante

Views

460

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
Related Conversations
Unable to Create PDF from PowerPoint in AEM Forms via AdminUI Solved

Views

91

Likes

0

Replies

3
Best way to generate Document of Record for Adaptive forms, without using XDP as form template

Views

140

Likes

0

Replies

6
Facing New-Form Creation Error

Views

81

Likes

0

Replies

2
AEM Forms - Changing "state" of a panel tab to default instead of visited if required fields are incomplete

Views

61

Likes

0

Replies

1
AEM Forms JEE user audit logs enable

Views

119

Likes

0

Replies

6