Expand my Community achievements bar.

Don’t miss the AEM Skill Exchange in SF on Nov 14—hear from industry leaders, learn best practices, and enhance your AEM strategy with practical tips.
SOLVED

How to save session on aem cloud using system resource resolver?

Avatar

Level 2

Not able to save the session with the system resource resolver. But able to save with request.getResourceResolver on cloud. System resource resolver value is not null when i debugged my code. Can someone please help me resolving this on cloud.

1 Accepted Solution

Avatar

Correct answer by
Community Advisor

Hi @rohinin94643925 

 

If you are using a system user to get the resource resolver, please ensure to provide the correct read and write permission to the system user with the path where you are performing the write operation. If the permission are missing you will not be able to save.

 

You can set the permission using repository initializer.

org.apache.sling.jcr.repoinit.RepositoryInitializer-myproject.config

 

scripts=["
create service user service-user

set ACL on /content/myproject
allow jcr:read for service-user
allow jcr:write for service-user
end
"]

 

Thanks!

View solution in original post

6 Replies

Avatar

Correct answer by
Community Advisor

Hi @rohinin94643925 

 

If you are using a system user to get the resource resolver, please ensure to provide the correct read and write permission to the system user with the path where you are performing the write operation. If the permission are missing you will not be able to save.

 

You can set the permission using repository initializer.

org.apache.sling.jcr.repoinit.RepositoryInitializer-myproject.config

 

scripts=["
create service user service-user

set ACL on /content/myproject
allow jcr:read for service-user
allow jcr:write for service-user
end
"]

 

Thanks!

Avatar

Level 2

Hi @Asutosh_Jena_ , 

 

I gave permissions as follows:

scripts=[
"
create service user service-user with path system
set ACL on /conf,/apps, /, /content/dam/project
allow jcr:read for service-user
end

# Add members to groups
add service-user to group administrators
"
]

 So, my service-user has admin rights. still nodes are not getting saved with session.save(), where session is created with service user.
When I debug through my code, I get resolver object and code is traversed till the end. I don't see any error in logs too. 

Avatar

Community Advisor

Hi @rohinin94643925 

 

First of all you should not give administrator access to the system user as it defeats the purpose of system user.

Also I see you have given the read access to all the paths, instead of it, you should give read and write access to the path where you are writing the data.

 

Can you confirm which location you are trying to write the data? As you mentioned, you are able to save the session when using the request.ResourceResolver which is anonymous I feel it's must be somewhere you have the public access. Please confirm.

 

Thanks!

Avatar

Level 2

Thanks @Asutosh_Jena_ . Just to confirm if the issue is with permissions, I added user to the admin group. I will update the rights.

 

I'm trying to write the data under /content/project.
Basically, I'm creating nodes programatically and I want to save them.

Avatar

Community Advisor

You shouldn't add system user to administrators group. In sling init, you have provided only jcr:read access to service-user.

Ideally you should provide read & write access to service-user to write content under /content/project. Remove this user from admin group and try.

Repo Init would be like this

scripts=["
# These paths must exist otherwise the following ACL applicaiton will fail, resulting in err'ing build
create path /content/<project>(sling:Folder)
create service user service-user

set ACL for service-user
allow jcr:versionManagement,jcr:read,crx:replicate,rep:write,jcr:lockManagement on /content/project
end
"]

 

Avatar

Level 2

@HeenaMadan , Thanks. I already tried what @Asutosh_Jena_  said and worked for me. Forgot to mention it here.
I actually had different API related issue too. Refactored the code with different API and it worked.
Thanks @Asutosh_Jena_ .