Ability to send invitations to external users (System Generated)

Avatar

Avatar

bikash_kumar306

Avatar

bikash_kumar306

bikash_kumar306

10-09-2020

Hi All,

 

The Admin user should able to create the external user by providing the email of external user with temporary password(System generated) and provide access to specific folder in DAM through user interface and send this invitation to external user by mail automatically(System generated). The External user should login through that invitation and able to update the password.

 

Could you please let me know how we can achieve this in AEM .

 

Regards

Bikash Singh

View Entire Topic

Avatar

Avatar

raj_mandalapu

Avatar

raj_mandalapu

raj_mandalapu

10-09-2020

There are multiple things involved here, you need to have protected page, two components, two servlets and OSGI service.

1. The pages should be protected, registering users should not be allowed on an anonymous page and the page should be visible to only admin users.

2. create a registration component that asks basic details, email address, first name, last name.

3. on clicking of the submit button using Ajax, call servlet.

4. the servlet should handle creating a user and adding to the group

5. it is best practise is to create a separate group and add permissions, instead of creating permissions for every user.

6. the servlet should contain below sample code.

ResourceResolver resourceResolver = resolverFactory.getAdministrativeResourceResolver(null);
session = resourceResolver.adaptTo(Session.class);
//Create a UserManager instance from the session object
UserManager userManager = ((JackrabbitSession) session).getUserManager();
String path = "/home/users/geometrixx";
JackrabbitSession js = (JackrabbitSession) session;
// Create a Group and User
Group group = userManager.createGroup("My Group");
User user = userManager.createUser(name, "AEM");
// Add Users to Group
Authorizable authUser = userManager.getAuthorizable(user.getID());
group.addMember(authUser);
// Provide permissions to Group
AccessControlManager accCtrlMgr = session.getAccessControlManager();
JackrabbitSession jcrSession = (JackrabbitSession) session;
PrincipalManager principalMgr = jcrSession.getPrincipalManager();
Principal groupPrincipal = principalMgr.getPrincipal("My Group");
Privilege[] privileges = new Privilege[] { accCtrlMgr.privilegeFromName(Privilege.JCR_ALL) };
javax.jcr.security.AccessControlPolicyIterator accList= accCtrlMgr.getApplicablePolicies(path);
javax.jcr.security.AccessControlList acl =(AccessControlList) accList.nextAccessControlPolicy();
acl.addAccessControlEntry(groupPrincipal, privileges);
accCtrlMgr.setPolicy(path, acl);
session.save();

 

7. Once the user creation is successful, then you need to send out an email to the external user.

8. Create OSGI service which sends an email to the external -user

refer this: https://adobe-consulting-services.github.io/acs-aem-commons/features/e-mail/email-api/index.html

9. in the body of the email attach a link to change the password and send a temporary password

10. the change password page should contain a password change component,

11. create a separate servlet for changing the password, in the servlet validate the email address and temporary password, if validation success then allows him to change the password otherwise display failure notification. for this, you can reuse most of the code which is mentioned in step 6