Karthik

Reputation: 71

Is there a way to provide security and authorization for assets in AEM

Is there a way to provide security and authorization for assets in AEM?

We drop assets onto the pages, and all of the assets can be viewed by end users after login. We want to restrict this so that an asset on the page is displayed only to specific users (even though they can log in). If the user has a URL of the asset, after logging in they are able to view that asset.

The requirement is to restrict the asset to particular users only, even though they can log in to the page.

Appreciate your time.

Upvotes: 0

Views: 1998

Answers (2)

G.D

Reputation: 315

As you said, you want authors to have control over which groups can view the assets. So in the author dialog of the component, populate all user groups to make it configurable for the author. Then in your code, check whether the group has permission against the asset path:

// groupId: ID of the group configured by the author in the component dialog
// assetPath: path of the current asset
// adminSession: not defined in this snippet; a JCR session allowed to read access control content
UserManager userManager = resourceResolver.adaptTo(UserManager.class);
Authorizable auth = userManager.getAuthorizable(groupId);
JackrabbitAccessControlManager acm = (JackrabbitAccessControlManager) adminSession.getAccessControlManager();
// Evaluate privileges for the group's principal only
Set<Principal> principals = new HashSet<Principal>();
principals.add(auth.getPrincipal());
Privilege[] privileges = acm.getPrivileges(assetPath, principals);

You can check the privilege array for permissions. If the group has permission, only then render the asset.

Upvotes: 0
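One way to carry out the group privilege check described in the answer above, as an added example that is not part of the original answer. The class, method and parameter names are hypothetical, and `serviceSession` is assumed to be a session allowed to read access control content; it asks `hasPrivileges` for `jcr:read` instead of scanning the array, so aggregate privileges such as `jcr:all` are resolved and no privilege names are compared as strings.

```java
import java.security.Principal;
import java.util.Collections;
import java.util.Set;

import javax.jcr.RepositoryException;
import javax.jcr.Session;
import javax.jcr.security.Privilege;

import org.apache.jackrabbit.api.JackrabbitSession;
import org.apache.jackrabbit.api.security.JackrabbitAccessControlManager;
import org.apache.jackrabbit.api.security.user.Authorizable;

/** Hypothetical helper: decides whether a configured group may read an asset. */
public final class AssetReadCheck {

    private AssetReadCheck() {
    }

    /**
     * Returns true only if groupId names an existing group that holds
     * jcr:read on assetPath. Anything unexpected yields false (fail closed).
     */
    public static boolean groupCanRead(Session serviceSession, String groupId, String assetPath)
            throws RepositoryException {
        Authorizable group =
                ((JackrabbitSession) serviceSession).getUserManager().getAuthorizable(groupId);
        // Unknown ID, a user ID where a group was expected, or a missing asset:
        // do not render.
        if (group == null || !group.isGroup() || !serviceSession.nodeExists(assetPath)) {
            return false;
        }

        JackrabbitAccessControlManager acm =
                (JackrabbitAccessControlManager) serviceSession.getAccessControlManager();
        Set<Principal> principals = Collections.singleton(group.getPrincipal());

        // Resolve jcr:read through the manager so the comparison is done on
        // Privilege objects, not on expanded vs. prefixed name strings.
        Privilege[] read = { acm.privilegeFromName(Privilege.JCR_READ) };
        return acm.hasPrivileges(assetPath, principals, read);
    }
}
```

This check only decides whether the component renders the asset. A direct request to the asset URL is still decided by the repository ACLs on the asset path for the requesting user.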

Ameesh Trikha

Reputation: 1712

This feature is supported OOTB in AEM. You need to build the right groups with the right access to the assets. By default, on a publish instance the 'anonymous' user has read rights on /content/dam. You need to do the following:

  • Remove anonymous user access, and also check all other groups for which you want to disable access and update them accordingly (you need to do this using the /useradmin console)
  • Create the different groups to which you can assign different users based on the required access (it's better to govern access via groups than by users)
  • To each of these groups, provide access to the relevant folder under /content/dam
  • Add users to these groups as needed

Now when the user logs in, they will have access to the assets restricted to their group only.

For more details on user management in AEM read this article.

Upvotes: 1
