Monday, 28 August 2023

System user or Service user & Resource Resolver

System User/Service User

  • System or service users in AEM are specific types of users designated to perform operations with minimal permissions within a particular bundle. Unlike regular users, they cannot log into AEM using typical credentials.
  • It means they have specific kinds of users with which you can't log into AEM using normal login credentials, as you would for regular users. They have minimal permissions, meaning they are granted only the necessary permissions to perform their designated operations, and they are always mapped to a particular bundle.
  • For example, if I have a resource that requires updating, specifically adding a particular property to it, I delegate this task to a service user that is associated with a specific bundle.
What is the need of System User/Service User?
  • In AEM 6.0, when you needed to update content or resources programmatically, In AEM 6.0, there were two primary methods to obtain the necessary session or resolver from the repository: 
  1. The administrative session 
  2. The administrative Resource Resolver.
  • Main Methods

    • Session session = SlingRepository.loginAdministrative();
    • ResourceResolver rr = resourceResolverFactory.getAdministrativeResourceResolver();

  • Two operations to get resource Resolver or session using repository you will get administrative session or administrative resource Resolver by using this two methods we will get administrative permissions
  • It means whole repository access that was breaking the principle of list privileges means 
  • If you have two main method session and Resource Resolver you could update whole repository.
  • because you had all permissions it means all access.

If you have two main method session and Resource Resolver you could update whole repository than How to resolve this kind of issue?

  • In order to address this issue, AEM introduced the concept of System User or Service User with version 6.1 .
How to create System user and How you can map those system user to a particular bundle?





  1. Creating a system/service user can be done through three methods:
  • Using Repository Explorer, which is also referred to as the plain vanilla method.


For Login





After checking the green checkbox, click on "Close." Now, you have successfully created the system user.



at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Servlet in AEM/Sling Servlet

  What is Servlet? A servlet is a Java class that runs on the server side where the application resides. It acts as a middle layer between t...

  • OSGi Service with filter and target in AEM
    1. What happened when service interface has multiple implementation? We can understand this concept for certain use cases when we dealing wi...
  • Workflow in AEM (Part -1)
     What is Workflow? It allows you to automate your tasks, which can be individual tasks or a series of tasks performed sequentially, mainly o...
  • OSGi Service
    What is OSGi Service? OSGI services are the reusable services just like method in java. Suppose, we have functionality like email triggering...