Solved: Best practice for policies/templates and ACLs (AEM... - Adobe Experience League Community

View profile · 12-02-2020

Hello all,

we have custom templates and polices in our project deployed to "/conf/customProject/settings/wcm/templates" and "/conf/customProject/settings/wcm/policies".

The problem is, that on the publisher the policies don't work, because of the deny jcr:all for everyone on the conf-folder. So we need to add 2 ACLs:

Bildschirmfoto 2020-02-12 um 08.39.21.png

This works perfectly for us, but we don't know if there are any side effects or if there is not a better user (maybe a system user) for this issue.

Does anyone have the same issue and a better practice to handle it?

Best, Maik

View profile · 13-02-2020

Hi @Maikman83

I think the glob expression should be ok, however if you want to be safe I would follow the examples presented by AEM Project archetype:

https://github.com/adobe/aem-project-archetype/blob/master/src/main/archetype/ui.content/src/main/co...

View profile · 13-02-2020

@dgordon86 thank you for your answer.

We researched a little by ourself and we found this documentation: https://docs.adobe.com/content/help/en/experience-manager-64/developing/platform/templates/page-temp...

Adobe recommend using the anonymous user. This user is part of the everyone group, so I think both solutions are capable.

Have a nice time.

Best, Maik

Best practice for policies/templates and ACLs (AEM 6.4.6)

Accepted Solutions (1)

Accepted Solutions (1)

Answers (1)

Answers (1)