AccessControlUtils.addAccessControlEntry getting failed with permission issue in 6.3 | Community
Skip to main content
K
KritiRathiTela
September 4, 2018
Solved

AccessControlUtils.addAccessControlEntry getting failed with permission issue in 6.3

  • September 4, 2018
  • 11 replies
  • 2021 views

AccessControlUtils.addAccessControlEntry getting failed with permission issue in AEM6.3 but working fine in AEM6.1

Exception -

javax.jcr.AccessDeniedException: Access denied.

   at org.apache.jackrabbit.oak.spi.security.authorization.accesscontrol.AbstractAccessControlManager.checkPermissions(AbstractAccessControlManager.java:200)

   at org.apache.jackrabbit.oak.spi.security.authorization.accesscontrol.AbstractAccessControlManager.getTree(AbstractAccessControlManager.java:167)

   at org.apache.jackrabbit.oak.spi.security.authorization.cug.impl.CugAccessControlManager.getCugPolicy(CugAccessControlManager.java:239)

   at org.apache.jackrabbit.oak.spi.security.authorization.cug.impl.CugAccessControlManager.getApplicablePolicies(CugAccessControlManager.java:137)

   at org.apache.jackrabbit.oak.security.authorization.composite.CompositeAccessControlManager.getApplicablePolicies(CompositeAccessControlManager.java:99)

   at org.apache.jackrabbit.oak.jcr.delegate.AccessControlManagerDelegator$7.perform(AccessControlManagerDelegator.java:121)

   at org.apache.jackrabbit.oak.jcr.delegate.AccessControlManagerDelegator$7.perform(AccessControlManagerDelegator.java:117)

   at org.apache.jackrabbit.oak.jcr.delegate.SessionDelegate.perform(SessionDelegate.java:208)

   at org.apache.jackrabbit.oak.jcr.delegate.AccessControlManagerDelegator.getApplicablePolicies(AccessControlManagerDelegator.java:117)

   at org.apache.jackrabbit.oak.jcr.delegate.JackrabbitAccessControlManagerDelegator.getApplicablePolicies(JackrabbitAccessControlManagerDelegator.java:147)

   at org.apache.jackrabbit.commons.jackrabbit.authorization.AccessControlUtils.getAccessControlList(AccessControlUtils.java:128)

   at org.apache.jackrabbit.commons.jackrabbit.authorization.AccessControlUtils.getAccessControlList(AccessControlUtils.java:108)

   at org.apache.jackrabbit.commons.jackrabbit.authorization.AccessControlUtils.addAccessControlEntry(AccessControlUtils.java:185)

any idea ??

This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.
Best answer by arunpatidar

Hi,

From workflow you need to get session like

Session session = workflowSession.getSession();

Then you can try to cast JackrabbitSession jcrSession = (JackrabbitSession) session;

Please check session user and permission as well.

11 replies

smacdonald2008
smacdonald2008
Level 10
September 4, 2018

Show full code example please

K
KritiRathiTelaAuthor
September 4, 2018

This is call to addAccessControlEntry -

  

   AccessControlUtils.addAccessControlEntry(session, <actual path of the asset>, getEveryonePrincipal(session), getWritePriviledges(session), false);

  

  

   Below is method for everyone Principal and Privilege -

  

   private Principal getEveryonePrincipal(final Session session) throws RepositoryException {

        JackrabbitSession jcrSession = (JackrabbitSession) session;

        PrincipalManager principalMgr = jcrSession.getPrincipalManager();

        return principalMgr.getPrincipal(EVERYONE_NAME);

    }

    private Privilege[] getWritePriviledges(final Session session) throws RepositoryException {

        AccessControlManager accCtrlMgr = session.getAccessControlManager();

        return new Privilege[]{accCtrlMgr.privilegeFromName(Privilege.JCR_WRITE)};

    }

arunpatidar
Community Advisor
arunpatidarCommunity Advisor
Community Advisor
September 4, 2018

Hi,

What session are you using? User session or subservice session.

Arun Patidar
K
KritiRathiTelaAuthor
September 4, 2018

its Workflow session - final Session session = workflowSession.adaptTo(Session.class);

K
KritiRathiTelaAuthor
September 4, 2018

not tried any thing to whitelist. What exactly need to be done ?

smacdonald2008
smacdonald2008
Level 10
September 4, 2018

See this -- How to get jcr Session in the workflow?

To whitelist the bundle - see this -- Scott's Digital Community: Adobe Experience Manager FAQs and other Tips  (Search whitelist)

K
KritiRathiTelaAuthor
September 4, 2018

using same way to get session i.e adaptTo - final Session session = workflowSession.adaptTo(Session.class);

smacdonald2008
smacdonald2008
Level 10
September 4, 2018

I will test this tomorrow to see if we can cast to JCR Session and use it to interact with JCR operations.

K
KritiRathiTelaAuthor
September 4, 2018

Sure, thanks

smacdonald2008
smacdonald2008
Level 10
September 4, 2018

Also - check this article - we perform JCR operations here -- Modifying Digital Assets using Adobe Experience Manager Workflows

Show more replies
Terms & ConditionsAccessibility statement

Loading footer...