Highlighted

Admin User/ Administrator Group

ashwiniv5325199

08-01-2019

Hi All,

            How to authenticate whether the logged user is admin or belong to administrator group or not in a servlet?

Thanks & Regards,

Ashwini V

Replies

Highlighted

ashwiniv5325199

08-01-2019

Thanks for the response

How to use the session and authenicate the current user is admin or whether the user belong to administrator group?

Because using the below code , it is giving NULL POINTER exception

ResourceResolver resourceResolver = resourceFactory.getAdministrativeResourceResolver(null);   

Session session = resourceResolver.adaptTo(Session.class);

UserManager currentUser = resourceResolver.adaptTo(UserManager.class);

Please suggest some other code to resolve this issue

Thanks & Regards,

Ashwini

Highlighted

Gaurav-Behl

MVP

08-01-2019

Admin session is not recommended in 6.x. Use service users to get the session and thereby current user's properties. You can get groups within Authorizable. You may have to modify the code based on AEM version that you use.

something like

Session session = resourceResolver.adaptTo(Session.class);

UserManager userManager = resourceResolver.adaptTo(UserManager.class);

Authorizable auth = userManager.getAuthorizable(session.getUserID());

Iterator<Group> groups = auth.memberOf();

or

      

  //Create a UserManager instance from the session object

  UserManager userManager = ((JackrabbitSession) session).getUserManager();

users= userManager.findAuthorizables("jcr:primaryType", "rep:User");

Refer:

Adobe CQ/Adobe AEM: How to Use Sessions and Resource Resolver through Service Authentication In AEM6

Service Users in AEM

Apache Sling :: Managing users and groups (jackrabbit.usermanager)

Highlighted

edubey

08-01-2019

Make sure to user current user session

Session userSession = slingRequest.getResourceResolver().adaptTo(Session.class);

final UserManager userManager = slingRequest.getResourceResolver().adaptTo(UserManager.class);

final User user = (User) userManager.getAuthorizable(userSession.getUserID());

Boolean isadmin = user.isAdmin()