RepoInit Configuration is not able to set ACL: read permission of a system user in AEM As a Cloud Service

Avatar

Avatar
Validate 1
Level 1
shivanigarg111
Level 1

Likes

0 likes

Total Posts

4 posts

Correct reply

0 solutions
Top badges earned
Validate 1
View profile

Avatar
Validate 1
Level 1
shivanigarg111
Level 1

Likes

0 likes

Total Posts

4 posts

Correct reply

0 solutions
Top badges earned
Validate 1
View profile
shivanigarg111
Level 1

15-04-2021

Hi,

 

I am having one config "org.apache.sling.jcr.repoinit.RepositoryInitializer" and in that I am trying to set 

"set ACL for test-user \r\nallow jcr:read on /libs/dam/content". While deploying the changes in local, it gets deployed easily, but when I deploy this config with my codebase in AEM AACS Server,  it says

[Apache Sling Repository Startup Thread #1] com.adobe.granite.repository.impl.SlingRepositoryManager Exception in a SlingRepositoryInitializer, SlingRepository service registration aborted java.lang.RuntimeException: Failed to set ACL (java.lang.UnsupportedOperationException: This builder is read-only.) AclLine ALLOW {paths=[/libs/dam/content], privileges=[jcr:read]} at org.apache.sling.jcr.repoinit.impl.AclVisitor.setAcl(AclVisitor.java:64) [org.apache.sling.jcr.repoinit:1.1.28] at org.apache.sling.jcr.repoinit.impl.AclVisitor.visitSetAclPrincipal(AclVisitor.java:85) [org.apache.sling.jcr.repoinit:1.1.28]

 

To summerize, The issue is while cloud manager deploy my codebase with the repoinit config, it fails at deploy to dev step and says I can't set read access to /libs hierarchy. Ideally AEM says I can do that at the time of deployment, but not at the runtime

By seeing the below document, it feels like it should work because I am expecting it to set this permission at deployment time.

shivanigarg111_0-1618544020728.png

 

Accepted Solutions (1)

Accepted Solutions (1)

Avatar

Avatar
Applaud 25
Level 10
asutosh_jena
Level 10

Likes

593 likes

Total Posts

705 posts

Correct reply

207 solutions
Top badges earned
Applaud 25
Give Back 100
Boost 500
Affirm 100
Ignite 1
View profile

Avatar
Applaud 25
Level 10
asutosh_jena
Level 10

Likes

593 likes

Total Posts

705 posts

Correct reply

207 solutions
Top badges earned
Applaud 25
Give Back 100
Boost 500
Affirm 100
Ignite 1
View profile
asutosh_jena
Level 10

15-04-2021

Hi @shivanigarg111 

 

I tried with the below script and getting a different error though.

create service user test-user
set ACL on /libs/dam/content
allow jcr:read for test-user
end

Error:

INFO: Adding ACL 'allow' entry '[jcr:read]' for [test-user] on [/libs/dam/content]

ERROR: Failed to set ACL (javax.jcr.PathNotFoundException: Cannot set ACL on non-existent path /libs/dam/content) AclLine ALLOW {principals=[test-user], privileges=[jcr:read]} 

 

Debugging further. Will keep posted if I find anything.

 

Thanks!

Answers (0)