この会話は、活動がないためロックされています。新しい投稿を作成してください。
この会話は、活動がないためロックされています。新しい投稿を作成してください。
Hi All,
I am using AEM 6.3 & I have a use case where User A needs to be setup as impersonator on user B using api code. In order to achieve this, I need to setup rep:impersonators property on user B.
I have tried couple of options but none of these seems to be setting this property on user:
1. Added User A to user-administrators group and then tried to call grantimpersonators method on user B using user A but it always returns false.
2. Created a system user and added it to users-administrators group and then using user session tried to set rep:impersonators property on user B. But this also does not work
Can you please assist on how can I setup the impersonators property on any user using api and what are the prerequisites in order to be able to add this property successfully.
THanks,
Rajeev
表示
返信
いいね!の合計
WHat API are you using to perform this use case?
表示
返信
いいね!の合計
smacdonald2008: Below are the 3 options that we tried:
Scenario 1:
Boolean checkImpersonated = userB.getImpersonation().grantImpersonation(userA.getPrincipal());
//always returns false.
Scenario 2:
Value userAuthorizableId=session.getValueFactory().createValue(userSession.getUserID(), PropertyType.STRING);
User userB=(User) userManager.getAuthorizable(impersonateUser);
userB.setProperty("rep:impersonators", impersonator);
session
Scenario 3:
String impersonators = {“user1@test.com”,”test2@test.com”};
Authorizable auth = userManager.getAuthorizable(userBId);
Node authNode = session.getNode(auth.getPath());
表示
返信
いいね!の合計
The JCR standard does not provide this feature, but the Jackrabbit implementation does.
import org.apache.jackrabbit.api.security.user.User;
User canImpersonate = ...
User jrUser = (User) session.getUser();
Impersonation impersonation = jrUser.getImpersonation();
impersonation.grantImpersonation (canImpersonate);
表示
返信
いいね!の合計
Thank you for the details.
Does jrUser needs any specific permissions in repository in order to successfully grant impersonation right to canImpersonate?
表示
返信
いいね!の合計
Also current logged in user is canImpersonate and I want to setup the impersonation property on jrUser.
canImpersonate is a member of user-adminsitrations which means this user has all the rights to update user/groups.
Thanks,
Rajeev
表示
返信
いいね!の合計
There are no further prequisites to use this API.
表示
返信
いいね!の合計