Adobe Experience Manager Sites & More

Robi2004 · 11/29/16

Hi,

Can someone clarify me. I am authenticating users of my site from salesforce for the first time by API call. After the successful login I store the user details in AEM using user management concept. If the user login for second time I fetch the details from AEM itself. My doubt is whether this logic is work in live environment? Shall I store the site users as AEM Users[Everyone/Anonymous] along with Groups and ACLs concept in AEM.

Jitendra_S_Toma · 11/30/16

Hi Robert,

When you have third party authentication in AEM, you would not be able to do the authorization part unless user is available in AEM. And the reason is pretty much clear. Every resource is in AEM but user permissions for any resource are store somewhere else (hypothetically). Then how would you authorized a user for the particular resource.

Regards,

Jitendra

View solution in original post

smacdonald2008 · 11/29/16

Storing users in AEM and setting up ACL groups, etc is always best practice as per the docs:

https://docs.adobe.com/docs/en/aem/6-2/administer/security/security.html

Jitendra_S_Toma · 11/30/16

Hi Robert,

When you have third party authentication in AEM, you would not be able to do the authorization part unless user is available in AEM. And the reason is pretty much clear. Every resource is in AEM but user permissions for any resource are store somewhere else (hypothetically). Then how would you authorized a user for the particular resource.

Regards,

Jitendra

Adobe Experience Manager Sites & More

Site User management in AEM

Learn

Documentation

Events

Community

Support

Resources

Adobe account

Adobe