Expand my Community achievements bar.

SOLVED

Site User management in AEM

Avatar

Level 1

Hi,

Can someone clarify me. I am authenticating users of my site from salesforce for the first time by API call. After the successful login I store the user details in AEM using user management concept. If the user login for second time I fetch the details from AEM itself. My doubt is whether this logic is work in live environment?  Shall I store the site users as  AEM Users[Everyone/Anonymous]  along with Groups and ACLs concept in AEM. 

1 Accepted Solution

Avatar

Correct answer by
Level 9

Hi Robert,

When you have third party authentication in AEM, you would not be able to do the authorization part unless user is available in AEM.  And the reason is pretty much clear. Every resource is in AEM but user permissions for any resource are store somewhere else (hypothetically). Then how would you authorized a user for the particular resource.

Regards,

Jitendra

View solution in original post

2 Replies

Avatar

Level 10

Storing users in AEM and setting up ACL groups, etc is always best practice as per the docs: 

https://docs.adobe.com/docs/en/aem/6-2/administer/security/security.html

Avatar

Correct answer by
Level 9

Hi Robert,

When you have third party authentication in AEM, you would not be able to do the authorization part unless user is available in AEM.  And the reason is pretty much clear. Every resource is in AEM but user permissions for any resource are store somewhere else (hypothetically). Then how would you authorized a user for the particular resource.

Regards,

Jitendra