- Prevent over-use and abuse of administrative ResourceResolvers and/or JCR Sessions
- Allow services access to ResourceResolvers and/or JCR Sessions without requiring to hard-code or configure passwords
- Allow services to use service users which have been specially configured for service level access (as is usually done on unixish systems)
- Allow administrators to configure the assignment of service users to services
NOTE: Use Service Accounts for alice and bob users [jcr:primaryType=rep:SystemUser] instead of regular accounts.
- "alice" only have READ access to document under /content/somepath path
- "bob" has both read and write access to document under /content/somepath path
- ReadService should only be allowed to read anything under /content/somepath path
- WriteService should be allowed for both read and write under /content/somepath path
Step 3: Update org.apache.sling.serviceusermapping.impl.ServiceUserMapperImpl config by creating osgi:config node under /apps/<your-apps>/config.<Place where you want to run this>/org.apache.sling.serviceusermapping.impl.ServiceUserMapperImpl.xml you can directly go to osgi config through Felix console and change this as well look for “Apache Sling Service User Mapper Service” for that.
As always feel free to ask any question you might have.