Programmatically add permissions to system user in AEM 6.1 | Community
Skip to main content
brunovianarezen
brunovianarezen
New Participant
October 21, 2015
Solved

Programmatically add permissions to system user in AEM 6.1

  • October 21, 2015
  • 11 replies
  • 5913 views

Hi,

is it possible to programmatically add permissions to a system user in AEM 6.1 (i.e. using java or maven)?

This is my use case: I want to automatically create the system users and give them the needed permissions.

I tried to export the permissions stored in '/jcr:system/rep:permissionStore/crx.default/myuser' and then re-import, but I got an error saying that the path is protected (at least one other person had the same problem: http://stackoverflow.com/questions/31460105/how-to-import-content-with-system-user).

If I try to assign the permissions using java, then I have a chicken-egg problem: I need a service user with the right permissions to be able to assign the permissions. Or maybe there is a builtin system user that I could use for that?

    This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.
    Best answer by smacdonald2008

    OK - that was article written and tested on 5.6. We still have a lot of AEM users on that CQ version. 

    Anyhow for AEM 6.1 - manually create an AEM system as documented here:

    https://docs.adobe.com/docs/en/aem/6-1/administer/security/security.html

    Then use that system user when using the getServiceResourceResolver method:

     Map<String, Object> param = new HashMap<String, Object>();

    param.put(ResourceResolverFactory.SUBSERVICE, "datawrite");
    ResourceResolver resolver = null;

    try {
               
        resolver = resolverFactory.getServiceResourceResolver(param);
        session = resolver.adaptTo(Session.class);

    Do not try and create the system user (ie -  datawrite in this code example) via the Jackrabbit API. 

    11 replies

    Show previous replies
    smacdonald2008
    smacdonald2008
    New Participant
    October 21, 2015

    What most people do to dynamically create users via the API is to create a user and then add that user to an existing AEM group that has defined permissions.

    To learn how to create users and add them to a group -- see this AEM Community article: 

    Using Jackrabbit UserManager APIs to create AEM Users and Groups at https://helpx.adobe.com/experience-manager/using/jackrabbit-users.html.

    Terms & ConditionsAccessibility statement

    Loading footer...