Adobe Experience Manager Sites & More

rajeev_yadav · 10:03:30 PM

Hi All,

I am using AEM 6.3 & I have a use case where User A needs to be setup as impersonator on user B using api code. In order to achieve this, I need to setup rep:impersonators property on user B.

I have tried couple of options but none of these seems to be setting this property on user:

1. Added User A to user-administrators group and then tried to call grantimpersonators method on user B using user A but it always returns false.

2. Created a system user and added it to users-administrators group and then using user session tried to set rep:impersonators property on user B. But this also does not work

Can you please assist on how can I setup the impersonators property on any user using api and what are the prerequisites in order to be able to add this property successfully.

THanks,
Rajeev

smacdonald2008 · 7:48:14 AM

WHat API are you using to perform this use case?

rajeev_yadav · 9:23:58 AM

smacdonald2008: Below are the 3 options that we tried:

Scenario 1:

Boolean checkImpersonated = userB.getImpersonation().grantImpersonation(userA.getPrincipal());

//always returns false.

Scenario 2:

Value userAuthorizableId=session.getValueFactory().createValue(userSession.getUserID(), PropertyType.STRING);

User userB=(User) userManager.getAuthorizable(impersonateUser);

userB.setProperty("rep:impersonators", impersonator);

session

Scenario 3:

String impersonators = {“user1@test.com”,”test2@test.com”};

Authorizable auth = userManager.getAuthorizable(userBId);

Node authNode = session.getNode(auth.getPath());

authNode.setProperty(("rep:impersonators", impersonators);
session.save();

Jörg_Hoh · 12:34:30 PM

The JCR standard does not provide this feature, but the Jackrabbit implementation does.

import org.apache.jackrabbit.api.security.user.User;

User canImpersonate = ...

User jrUser = (User) session.getUser();

Impersonation impersonation = jrUser.getImpersonation();

impersonation.grantImpersonation (canImpersonate);

User (Apache Jackrabbit 2.18.0 API)

rajeev_yadav · 1:24:46 PM

@Jörg Hoh

Thank you for the details.

Does jrUser needs any specific permissions in repository in order to successfully grant impersonation right to canImpersonate?

rajeev_yadav · 1:30:37 PM

@Jörg Hohb :

Also current logged in user is canImpersonate and I want to setup the impersonation property on jrUser.

canImpersonate is a member of user-adminsitrations which means this user has all the rights to update user/groups.

Thanks,

Rajeev

Jörg_Hoh · 12:41:46 AM

There are no further prequisites to use this API.

Adobe Experience Manager Sites & More

How to set rep:impersonators property on a user

学習

ドキュメント

イベント

コミュニティ

サポート

リソース

Adobe アカウント

Adobe