User group based component level access in live site

Question

Hello all,I am aware of page level access to certain groups for AEM live site. I mean after logging into live AEM site, if the user has permission to certain page(say about-us.html), then show the page. Or else, redirect to login page(or some message).  My query is:  user1 belongs to group1, other user2 belongs to group2. Now, user1 logged in and opens test.html page. Now, he should see comp1, comp2.  How can I hide these components to group2 users? Thanks

aanchal-sikka · Accepted Answer

Hello @mahesh_gunaje

One approach can be via Sling models:

1. The components would need to be dynamic. Hence, you would need to use Ajax or SDI. We should not cache this component on CDN

2. Do these components belong to pre-defined groups? If yes, we can create dummy nodes representing these groups. The user access on there nodes can be checked in Sling-Model. If user has access, data is resolved. If not, a param from Sling Model can be sent to slightly, which would ascertain that component doesn't render anything

arunpatidar · Answer

Hi @mahesh_gunaje
We had the same problem and we had solve this with custom implementation.

1. Created a container component (Restricted content), add a dropdown or option to add allowed cug groups. when you save the dialog, add these cug group into rep.cugPolicy node parallel to the content node (similar to page)

2. drop and drag content component inside this container component, which has to be hidden for the user.

3. If you are caching these pages then load this Restricted container component asynchronously from client side or sdi without cache.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded