Hi,
We are upgrading from AEM 6.0 to AEM 6.1. One of the changes is that anonymous access to /etc is now removed.
In our case, tags are not appear for any user. Is there some other changes for existing user and groups for /etc specially etc/tags
Regards,
Anil
Views
Replies
Total Likes
Hi
Please refer to this similar AEM post :- http://help-forums.adobe.com/content/adobeforums/en/experience-manager-forum/adobe-experience-manage...
// AEM 6.1 anonymous read access to /etc was removed. How to handle this?
In AEM 6.1, service users must be system users, which effectively means that their node in the JCR is of type rep:SystemUser. These users cannot be used to log in normally, only by background processes. The admin user is not a system user, so you cannot use the admin user in a service user mapping like this. You have to create a new system user and assign them the appropriate permissions.
Solution can be found out here:
//
Goal: To write data/nodes to content (specifically to /etc/userdata) when a user logs in.
We can achieve this in 2 ways (either way, the user needs to be a 'system user')
Process 1:
Step 1: Use in-built system user in OSGI configuration. In OSGI select Apache Sling Service User Mapper Service
group.abc.commons-service:writeService=oauthservice (where 'oauthservice' is a system user)
Step 2: Assign that system user the permissions to access the content folder.
You see the system users in CRX at: /home/users/system
Process 2:
Step 1: Create a new system user. to do this
Open http://localhost:4502/crx/explorer/index.jsp
Login as admin > Open 'User Administration > Select 'Create System User' > Enter "user id" > Hit the Green button (you will not se a save button :)
I have created "abcwriteservice" user
Step 2: Go to Permissions, and for the user 'abcwriteservice' give Permissions to access the folder where you'd like to write. (In this example: /etc/userdata )
Step 3: Open OSGI console and go to "Apache Sling Service User Mapper Service" to define the service-user mapping. For example: 'group.commons-service:writeService=abcwriteservice'
Step 4: In code, i added extra parameter, as:
Map<String, Object> param = new HashMap<String, Object>(); param.put(ResourceResolverFactory.SUBSERVICE, "writeService"); try { resourceResolverWriter = factory.getServiceResourceResolver(param); if (resourceResolverWriter == null) throw new Exception("Could not obtain a CRX User for the Service:'writeService'"); Node usersRootNode = adminSession.getNode("/etc/userdata/users");
I hope this will help you.
Thanks and Regards
Kautuk Sahni
Views
Replies
Total Likes
Hi Kautuk,
My issue is limited to read operation. Since the read access is also not there, we are not able to see the information which is read-only. Question is how do we get a package of user, group and permission specially for etc from 6.0 and install it on 6.1. We have large number of group to be able to do it manually.
Any suggestions?
Thanks,
Anil
Views
Replies
Total Likes
"We have large number of group to be able to do it manually."
To work with groups and users, you can look at writing some User Manager code to automate creation of these. This is one of the reasons why this Jackrabbit API exists.
http://jackrabbit.apache.org/api/2.2/org/apache/jackrabbit/core/security/user/package-summary.html
Views
Replies
Total Likes
Views
Likes
Replies