Lizzy Lizzy - 1 month ago 10
Java Question

Cannot derive user name for bundle with any system user in AEM

With an AEM 6.1 environment, I am trying to avoid the deprecated method

getAdministrativeResourceResolver
for getting the resource resolver in a java class.

I created system users and used existing system users that fit the right criteria (rep:authorizableId, jcr:uuid, rep:principalName properties populated and jcr:primaryType property being rep:SystemUser)

I configured the
Apache Sling Service User Mapping Service
to have the service mapping
org...:modifyJCR=oauthservice
(or corresponding user I tried)

Screenshot of configuration

The code accessing the getServiceResourceResolver method:

BundleContext context = FrameworkUtil.getBundle(this.getClass()).getBundleContext();
ServiceReference ref = context.getServiceReference(ResourceResolverFactory.class.getName());
resolverFactory = (ResourceResolverFactory) context.getService(ref);
Map<String, Object> param = new HashMap<String, Object>();
param.put(ResourceResolverFactory.SUBSERVICE, "modifyJCR");
resourceResolver = resolverFactory.getServiceResourceResolver(param);


However, I'm still getting this error from my code:
Cannot derive user name for bundle org... [491] and sub service modifyJCR


Has anyone else still run into this error after making/using system users along with configuring the Service User Mapping Service?

Does the system user have to be impersonated by the user invoking the code? The java class is invoked via ecma script called by a workflow and I am logged in as admin. I have tried adding the administrators group as impersonators for multiple users but received an error.

Answer

It turns out the version of the org.apache.sling.api package was too old (2.2.4) to do the new way around the deprecated method. Since that cannot be upgraded yet until AEM 6.2 (we don't want conflicts for versions), I will need to use the deprecated method. A more recent version such as 2.9.0 should allow using the Apache Sling Service User Mapping Service. I found this information from a coworker in a different department, they tried similar setup locally with a newer version of 2.9.0 and it worked while the older version did not work for them. Hopefully this helps someone who is stuck after following the solution of creating/using system users and configuring the mapper service but still gets a login exception.

Comments