Hello,
I followed the instruction https://helpx.adobe.com/experience-manager/6-3/sites/administering/using/security-service-users.html to create a service user and a mapping.
To create a user I performed following steps:
- created a user just like the site specifies there: http://server:port/crx/explorer/index.jsp
as I want the user to be created during bundle content installation:
- created a .confg.xml file under /<content_dir>/src/main/content/jcr_root/home/users/system/<jcr:uuid from the created user in previous step> with the content specified in the example in instruction>
- added a filter instruction to /<content_dir>/src/main/content/META_INF/vault/filter.xml -> <filter root="/home/users/system" mode="merge"/>
- removed the user from jcr.
During bundle installation in aem following error occured:
Request failed: org.apache.jackrabbit.vault.packaging.PackageException: javax.jcr.nodetype.ConstraintViolationException: OakConstraint0001: /home/users/system[[rep:AuthorizableFolder, rep:AccessControllable]]: No matching definition found for child node q1_hkN-Qns4jK_Lt9ri_ with effective type [nt:folder] (500)
As to adding an amendment to ServiceUserMapper configuration,
- I've placed a file named org.apache.sling.serviceusermapping.impl.ServiceUserMapperImpl.amended-<service_user_name>-factory.xml
in /<bundle_dir>/src/main/resources/SLING-INF/content/
with following content:
<?xml version="1.0" encoding="UTF-8"?>
<jcr:root xmlns:sling="http://sling.apache.org/jcr/sling/1.0"
xmlns:jcr="http://www.jcp.org/jcr/1.0"
jcr:primaryType="sling:OsgiConfig"
user.mapping="[<package_path>=<service_user_name>]" />
and I've performed the 3rd step of the instruction exactly as it's specified there, however the configuration does not seem to take place. I've checked that by looking at path /libs/system/config in jcr and checking as specified in 4th step of the instruction.
Have you encountered the same or similar problem or might now the solution to this one?
Solved! Go to Solution.
Views
Replies
Total Likes
It finally worked, even without renaming it.
What I've done is just placed the file in content package in catalogue: <...>/jcr_root/apps/<app>/config/ which resulted in putting the file into the same location in JCR and initialization of an instance of the factory defined in there.
Looks like just correct jcr:primaryType was enough to make the functionality work.
Views
Replies
Total Likes
Could you please explain your use case? Why would you want to create "service user" progammatically at run time?
Per my knowledge, it requires admin credentials/session to create service user. How do you plan to get the "admin" session in your code and then make sure that you apply the configuration to the respective use case at run time?
Views
Replies
Total Likes
I wanted to use a service user as a mean to access certain jcr paths that a logged-in user may not have access to.
Views
Replies
Total Likes
That's a valid use case. Just create the user as mentioned in the article and assign permissions to specific paths via /useradmin and in the usermapper configuration, grant either read or write or both permissions (based on your use case) to the user against the bundle. Now, that system user can be utilized by that service bundle and would have read/write access to specific paths. All of this is done statically one time before you deploy your code bundle.
In your source code/bundle, you'd simply use this service user to perform some action.
I got confused with your statement - "as I want the user to be created during bundle content installation"
Views
Replies
Total Likes
The jcr:primaryType of q1_hkN-Qns4jK_Lt9ri_ node must be rep:SystemUser in the xml file
Views
Replies
Total Likes
Actually, I want the user to be defined in a package, so that when it's is uploaded to AEM and installed, the user is installed as-well. So user creation through /useradmin is not what I want to do.
That's the content of .config.xml (so there's already rep:SystemUser):
<?xml version="1.0" encoding="UTF-8"?>
<jcr:root xmlns:jcr="http://www.jcp.org/jcr/1.0" xmlns:rep="internal"
jcr:primaryType="rep:SystemUser"
jcr:uuid="55a85283-a5cc-34f8-9049-6b252037b538"
rep:principalName="testSysUser"
rep:authorizableId="testSysUser"/>
Views
Replies
Total Likes
I've managed to figure out the first issue by simply renaming the '.config.xml' file to '.content.xml' - small issue.
Now I'm working on the 2nd issue.
Views
Replies
Total Likes
Rename org.apache.sling.serviceusermapping.impl.ServiceUserMapperImpl.amended-<service_user_name>-factory.xml to org.apache.sling.serviceusermapping.impl.ServiceUserMapperImpl.amended-<service_user_name>.xml.
Also it is not required to use the name of the service is the name (as <service_user_name>), but it's just good practice.
Views
Replies
Total Likes
Follow this Helpx article. Adobe Experience Manager Help | Querying Adobe Experience Manager 6.4 JCR data using the QueryBuilde...
as you can see in video, it works fine.
Views
Replies
Total Likes
It finally worked, even without renaming it.
What I've done is just placed the file in content package in catalogue: <...>/jcr_root/apps/<app>/config/ which resulted in putting the file into the same location in JCR and initialization of an instance of the factory defined in there.
Looks like just correct jcr:primaryType was enough to make the functionality work.
Views
Replies
Total Likes
Views
Likes
Replies