Learn about Edge Delivery Services in upcoming GEM session
SOLVED
RepoInit Configuration is not able to set ACL: read permission of a system user in AEM As a Cloud Service
Hi,
I am having one config "org.apache.sling.jcr.repoinit.RepositoryInitializer" and in that I am trying to set
"set ACL for test-user \r\nallow jcr:read on /libs/dam/content". While deploying the changes in local, it gets deployed easily, but when I deploy this config with my codebase in AEM AACS Server, it says
[Apache Sling Repository Startup Thread #1] com.adobe.granite.repository.impl.SlingRepositoryManager Exception in a SlingRepositoryInitializer, SlingRepository service registration aborted java.lang.RuntimeException: Failed to set ACL (java.lang.UnsupportedOperationException: This builder is read-only.) AclLine ALLOW {paths=[/libs/dam/content], privileges=[jcr:read]} at org.apache.sling.jcr.repoinit.impl.AclVisitor.setAcl(AclVisitor.java:64) [org.apache.sling.jcr.repoinit:1.1.28] at org.apache.sling.jcr.repoinit.impl.AclVisitor.visitSetAclPrincipal(AclVisitor.java:85) [org.apache.sling.jcr.repoinit:1.1.28]
To summerize, The issue is while cloud manager deploy my codebase with the repoinit config, it fails at deploy to dev step and says I can't set read access to /libs hierarchy. Ideally AEM says I can do that at the time of deployment, but not at the runtime
By seeing the below document, it feels like it should work because I am expecting it to set this permission at deployment time.
1 Accepted Solution
/libs/dam/content - This is a valid path still it gives the error.
but when I try to use some path under /conf it works!
Looks like it's an issue with AACS and we might need to reach out to Adobe and see why it does not work based on the documentation.
Also I tried to move the configs to ui.config and dpeloyed which did not solve the issue.
Can you also give a try and see if it works for you?
Thanks!
