Tenant Specific Permissions in Experience Fragments and Templates

Avatar

Avatar
Boost 1
Level 1
dpeters1
Level 1

Like

1 like

Total Posts

9 posts

Correct reply

0 solutions
Top badges earned
Boost 1
View profile

Avatar
Boost 1
Level 1
dpeters1
Level 1

Like

1 like

Total Posts

9 posts

Correct reply

0 solutions
Top badges earned
Boost 1
View profile
dpeters1
Level 1

10-06-2020

I have set up permissions for tenant specific users as follows:

Path = / with restrictions = */tenant

 

This structure has worked to provide tenant specific access in sites and assets, however, this format does not restrict the experience fragments and templates to the same tenant specificity. To troubleshoot, I've attempted to deny jcr:read to path = / with restrictions = */content/experience-fragments/* which does not work either.

I believe the URL for experience fragments including "/aem" is the problem:

Sites --> https://<url>/sites.html/content

Assets --> https://<url>/assets.html/content/dam

Experience Fragments --> https://<url>/aem/experience-fragments.html/content/experience-fragments

 

I'm also seeing the same inability for tenant restrictions in templates, but I need to do some more troubleshooting there since it's under /conf instead of /content.

 

Has anyone else attempted permissions in a multi tenant environment where each tenant only has access to their specific information?

 

View Entire Topic

Avatar

Avatar
Coach
MVP
Arun_Patidar
MVP

Likes

1,444 likes

Total Posts

3,327 posts

Correct reply

941 solutions
Top badges earned
Coach
Contributor 2
Ignite 10
Give Back 700
Boost 1000
View profile

Avatar
Coach
MVP
Arun_Patidar
MVP

Likes

1,444 likes

Total Posts

3,327 posts

Correct reply

941 solutions
Top badges earned
Coach
Contributor 2
Ignite 10
Give Back 700
Boost 1000
View profile
Arun_Patidar
MVP

10-06-2020

Hi,

Yes, we have set up the tenant specific permission for site, assets, templates and experience fragment.

do not deny permission, just allowed only for the tenant.

 

 

path: /content/experience-fragments/aem63app
permission: allow
actions: actions (optional, comma separated)