Console Error - Principle-Based Access Control Setup

Question

Hi All,
 
I have an issue with the below warning log -
25.11.2022 01:32:19.770 [cm-pxyzabc-eabcxyz-aem-publish-zzzz68f69-hp6ff] *WARN* [20.59.3.67 [1669339939629] GET /content/brandA/us/en/home.html HTTP/1.1] com.adobe.granite.repository.impl.SystemPrincipalsValidation Refactor principal 'custom-system-user' to have principal-based access control setup.
 
The system user is defined in the JSON file (.cfg.json) as below -

The permissions for the system user (ACE and User) are picked from yml file defined as below -

How should I refactor the service user and mapping to use principle name and principle-based authorization ?
 
@arunpatidar, @markusbullaadobe, @b_sravan, @kautuk_sahni 
 
Thanks,
Rohan Garg

Rohan_Garg · Accepted Answer

As per sling documentation (https://sling.apache.org/documentation/the-sling-engine/service-authentication.html) -

The below is the principle based mapping which is what we are already using -

<service-name>[:<subservice-name>]="["<principal name of a JCR system user>{","<principal name of a JCR system user>}"]"

arunpatidar · Answer

Can you try to setup user with name as well?Example   - al-oneweb-service-write-user:       - isMemberOf:         isSystemUser: true         name: al-oneweb-service-write-user          path: /home/users/system/aemlab/oneweb

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded