Expand my Community achievements bar.

How to give User read only permission of web console?

Avatar

Community Advisor

Hi,

I've created a user. To that user, I want to assign read-only permission of web console to get to know the status only like in case of jmx console, User can read the repository status, can't edit anything.

How can we do that?

Thanks,

Himanshu

5 Replies

Avatar

Administrator

Hi 

By default only user 'admin' has got access on  OSGi console / Felix Console.

You would probably need give permission to some more user who can access this console but don't want to share admin password with them.
 
But this provide access to those users doesn't seems to be possible from /useradmin console of AEM , as it manages rights on repository content specifically and it doesn't have any option of OSGi console.
 
So , If you are in same scenario , you can follow below steps :
1. Create a group through /useradmin console of AEM, e.g osgi_console_admin
2. Add the user whom you want to provide access to OSGi console.
3. Go to Apache Sling Web Console Security Provider configuration in OSGi console through admin user.
http://host:port/system/console/configMgr/org.apache.sling.extensions.webconsolesecurityprovider.int...
4. Add the created group name in the configurations and save .
5. You can also add username directly , but it is not a recommended approach.

 

Reference Links:-

Link: http://letusaem.blogspot.in/2014/06/manage-osgi-console-felix-console.html

Link: http://labs.6dglobal.com/blog/2012-09-07/cq55-osgi-systemconsole-permissions/

Link: http://blogs.adobe.com/experiencedelivers/experience-management/grant-access-to-osgi-console/

 

I hope this will help you.

Thanks and Regards

Kautuk Sahni



Kautuk Sahni

Avatar

Community Advisor

But, this provides the User admin access. What according to the requirement, User should have only read permission so that User can be used in Curl command to get to know jmx repository status for backup.

User shouldn't be able to modify any configuration or anything in web console.

Avatar

Level 9

Have you tried by creating  a new user and providing READ only permissions at root level and then add that user to Web Console Configuration related??

I tried creating a new user and updated configuration.And now i am able to access Web Console by using this new user account.

You can also pass this same user in cURL command.

-Kishore