Expand my Community achievements bar.

SOLVED

Best practice for policies/templates and ACLs (AEM 6.4.6)

Avatar

Level 2

Hello all,

 

we have custom templates and polices in our project deployed to "/conf/customProject/settings/wcm/templates" and "/conf/customProject/settings/wcm/policies".

 

The problem is, that on the publisher the policies don't work, because of the deny jcr:all for everyone on the conf-folder. So we need to add 2 ACLs:

Bildschirmfoto 2020-02-12 um 08.39.21.png

This works perfectly for us, but we don't know if there are any side effects or if there is not a better user (maybe a system user) for this issue.

 

Does anyone have the same issue and a better practice to handle it?

 

Best, Maik

1 Accepted Solution

Avatar

Correct answer by
Employee Advisor
2 Replies

Avatar

Correct answer by
Employee Advisor

Hi @Maikman83 

 

I think the glob expression should be ok, however if you want to be safe I would follow the examples presented by AEM Project archetype:

 

https://github.com/adobe/aem-project-archetype/blob/master/src/main/archetype/ui.content/src/main/co...

 

https://github.com/adobe/aem-project-archetype/blob/master/src/main/archetype/ui.content/src/main/co...

 

Avatar

Level 2

@Daniel_Gordon thank you for your answer.

We researched a little by ourself and we found this documentation: https://docs.adobe.com/content/help/en/experience-manager-64/developing/platform/templates/page-temp...

 

Adobe recommend using the anonymous user. This user is part of the everyone group, so I think both solutions are capable.

 

Have a nice time.

Best, Maik