ALindley: I was able to make it work on SSO enabled portal. There are 2
things that needs to be done in order to achieve this:1. Set sling:sudo
cookie with the user name that you want to impersonate as.2. On Server
side, using user admin or any service user that has priviledge on
/home/users, set the rep:impersonator property as current user on the
user that you are trying to impersonate as.
No there is no OOTB configuration in AEM 6.3 the way we have in AEM 6.4
for Adobe Launch.AEM 6.3 Launch - Integrate AEM 6.3 with Adobe Launch
AEM 6.4 Launch - Integrate AEM with Adobe Launch Via Adobe I/O
As explained by Arun, it is ok to have read access to /conf. Permission
to /conf is required because you are probably adding client library
through page design hence read permission to /conf(i.e. templates) is
required. In cases where component level client libraries are used,
permission to /conf is not required.