Expand my Community achievements bar.

User Creation using AccountManagementService API in AEM

Avatar

Level 3

Hello AEM Forks,

When it comes to the right access to right person, creating users is the first thing which hit our mind.


Let us see how to create users in AEM6.2.

Initially users were getting created using AccountManager API and but now this is deprecated in AEM6.2. After doing POC I came to know that “AccountManagement Service API” is extended with lot of new features.

Activation of AccountManagementService in Felix Console

Before using any OSGi Service, ideally it should be in "active" state but AccountManagement Service was in "unsatisfied" state when i checked it.

config.PNG
Fig- Account Management Service in Unsatisfied State

Follow the below Steps to make this Service in active State:

mail.PNG
Fig- Configure Day CQ Mail Service
  • The email id which is configured in "Day CQ Mail Service", should turn on the "less secure apps" of google account.
  • To turn it on Click here.
turn on.PNG
Fig- Turn On Less Secure Apps of gmail account
  • Now AccountManagemntService is in "satisfied" and "active" state.
satisfy.PNG
Fig- Account Management Service is in Satisified state

Explanation of AccountManagementService  APIAccountManagementService API provide the below method to create AEM User.

method.PNG
Fig- requestAccount() method of AccountManagementService API


Below are the parameters of requestAccount() method in detail:

  • UserId: UserId  is a name through which, the account will be created in AEM.
  • Pwd: This is the password of the user account.
  • Map<String,RequestParameter[]> properties : In this map, user's profile related all additional values can get stored. In this map “email” property must exist, because email is used for sending the mail to user to confirm or validate a newly created account
user profile.PNG
Fig- Storing properties
  • requestUrl: API will get the host and port using this parameter which will help to create confirmation page URL. This URL will be sent to user via mail for verifying the account. Example: http://localhost:4502

Note: I have given the example of localhost, but this will not work in other environment i.e QA/UAT. For these environments, domains will be dynamically fetched from “DAY CQ Link Externalizer” configuration from Felix console

  • configPath: It is a path of the node(e.g., “/content/properties”) type of nt:unstructured , where below three properties need to be added: 

  a) memberOf
  b) intermediatePath
   c) confirmationPage

configPath.PNG
Fig- config path node with its properties

Detailed explanation of above Properties:

  • memberOf : This property identifies that the user should be part of which group. If you don’t provide any value to memberOf property,the user become part of “everyone” group. Note: This is an optional field.
  • intermediatePath: By default , AEM users gets created under /home/users.Intermediate path is used to provide customized path for creation of users. Eg: sgaem. So here, all the users will be created under /home/users/sgaemNote: This is an optional field.
  • confirmationPage: ConfirmationPage link will be sent to email id which is added by user in registeration details. Note: This field is mandatory.

Functionality of requestAccount() method

AccountCreation (1).jpg
Fig- Flow of user creation using AccountManagementService API

Follow the below Steps:

  • User fills the Account Creation form and submits it.

signUp form.PNG

  • This Request received by the servlet  and the servlet calls the requestAccount() method of AccountManagementService API.
userdisabled.PNG
Fig- Highlighted property shows that the user is in disable state

mail message.PNG
Fig- User gets the Account Verification Email

  • The confirmation link page will be having a component named "emailConfirmation". The emailConfirmation.html contains.
  • User will click on verification link to enable the account in AEM.
enable-User.PNG
Fig- User become Enable After Verifying the link
  • Confirmation mail will be sent to user after verification.
user-creation mail.PNG
Fig- User gets email for Account Creation
  • Mission Accomplished: and created user can access the AEM instance with his own credentials

But wait, below issue can screw all the happiness.



Issue :  Initially I used configPath as “/etc/properties” but accountManagementService.requestAccount() will throw nullPointerException.

Solution: While checking the code,I came to know that AccountManagementService  API internally using below method to get the Session object.

user-mapper.PNG
Fig- Service User Mapper Service Configuration

account manager.PNG

Fig- Check the Permission of Service user

"account manager" is a user correspond to "account-management-service" in "Apache Sling Service User Mapper Service Amendment" configuration, but account manager has only permissions for " /content".

Note: The configPath should be under "/content" or you can give any hierarchy but “account-manager” user must have the permission of that particular configPath.

"account manager" is a user correspond to "account-management-service" in "Apache Sling Service User Mapper Service Amendment" configuration, but account manager has only permissions for " /content".

Note: The configPath should be under "/content" or you can give any hierarchy but “account-manager” user must have the permission of that particular configPath.

For more such blog please  visit : http://sgaem.blogspot.in


Kindly share your feedback and contact us at sgaem.blog02@gmail.com for any query.

Thanks and Happy Learning

6 Replies

Avatar

Administrator

Hi Saurabh

Excellent share with the community.

Keep sharing your future blogs.

~kautuk



Kautuk Sahni

Avatar

Level 3

Good article, just in case how do I manage different languages for the mail body for different users ?

Thanks,

Avatar

Level 3

Hi Scott,

just in case, is the featured content available for use in 6.2 and how to implement the same ?

Thank you,

Avatar

Level 1

How about translations for emails ?