Expand my Community achievements bar.

Learn about Edge Delivery Services in upcoming GEM session
SOLVED

While creating user programatically in AEM it is giving javax.jcr.AccessDeniedException: Access denied.

Avatar

Level 3

Hi All,

    Can anyone please help me when I am craeting the user programatically it is giving me the javax.jcr.AccessDeniedException: Access denied.

 

Thanks,

Pavan

1 Accepted Solution

Avatar

Correct answer by
Community Advisor

Hi @MandaPavanKumar you can try below sample code, assuming system user is having all required permission in publish environment - 

 @Activate
    public void createLocalUser() {
        try {
            Map<String, Object> param = new HashMap<>();
            param.put(ResourceResolverFactory.SUBSERVICE, "system-user");
            ResourceResolver resolver = resolverFactory.getServiceResourceResolver(param);
            UserManager userManager = resolver.adaptTo(UserManager.class);
            Authorizable user = userManager.createUser("newlocaluser", "password");
            user.setProperty("firstName", "test");
            user.setProperty("lastName", "user");
            user.addGroup("group1");
            userManager.updateUser(user);
            LOG.info("Local user newlocaluser created successfully.");
            resolver.close();
        } catch (LoginException | RepositoryException e) {
            LOG.error("Error creating local user: {}", e.getMessage());
        }

 

View solution in original post

15 Replies

Avatar

Community Advisor

did you check the permission of the system user, you are using to save the user node.?

Please verify that.

Avatar

Level 3

Yes I ahve verified the permissions to the system user and that user is having enough permissions to create user

 

Avatar

Community Advisor

Below is the sample code to create user:

Map<String, Object> param = new HashMap<String, Object>();

param.put(ResourceResolverFactory.SUBSERVICE, "service-userid");

ResourceResolver resolver = resourceFact.getServiceResourceResolver(param);

org.apache.jackrabbit.api.security.user.UserManager userManager = resolver.adaptTo(org.apache.jackrabbit.api.security.user.UserManager.class);
if(userManager == null)
{
log.error("userManager == null!");
return;
}else {
String username = "mytestuser";
String password = "password";
org.apache.jackrabbit.api.security.user.User user = userManager.createUser(username, password);
}

 

Note: please make sure system user has permissions to create user. 

Hi Siva,

      Can you please correct me that in this line the login is reffering to username right.

 org.apache.jackrabbit.api.security.user.User user = userManager.createUser(login, password);

Thanks,

Pavan

Avatar

Community Advisor

yes, you're right, it was typo mistake, corrected it. 

 

Hi Siva,

     I have adoubt when we try to create user at published site then I am facing the issue. Can you please help me.

Thanks,

Pavan

Avatar

Community Advisor

You mean, are you trying to create the user on publisher instance ?  or you need to create user on AEM author /publisher when the user submits request from the published site etc? 

Avatar

Level 3

I followed the same implementation still it is showing access denied

Avatar

Correct answer by
Community Advisor

Hi @MandaPavanKumar you can try below sample code, assuming system user is having all required permission in publish environment - 

 @Activate
    public void createLocalUser() {
        try {
            Map<String, Object> param = new HashMap<>();
            param.put(ResourceResolverFactory.SUBSERVICE, "system-user");
            ResourceResolver resolver = resolverFactory.getServiceResourceResolver(param);
            UserManager userManager = resolver.adaptTo(UserManager.class);
            Authorizable user = userManager.createUser("newlocaluser", "password");
            user.setProperty("firstName", "test");
            user.setProperty("lastName", "user");
            user.addGroup("group1");
            userManager.updateUser(user);
            LOG.info("Local user newlocaluser created successfully.");
            resolver.close();
        } catch (LoginException | RepositoryException e) {
            LOG.error("Error creating local user: {}", e.getMessage());
        }

 

Avatar

Level 3

Hi Nitin,

     Let me try it and will you know if I face any issue.

Thanks,

Pavan

Avatar

Level 3

Hi Nitin,

     I tried but its not working for me. Even thoug I have provided the enough permissions to the system user that I had created.

Thanks,

Pavan

Avatar

Level 3

Hi Shivam,

     Correct me if I am wrong that when the site was published at dispatcher level. And now if we try to create the user at AEM end is it possible ? can you please hlpe me on this.

Thanks,

Pavan