Search code examples
slingjackrabbit

How to create system user in Sling?

How can I create a system user in Sling?

I tried searching but all I find is related to AEM, which I don't use. Is it possible to create the user using Jackrabbit API or Sling Initial Content (descriptor files)?

I tried to execute the following:

curl -u admin:admin -F:name=myuser -Fpwd=mypwd -FpwdConfirm=mypwd -Frep:principalName=myuser -Fjcr:primaryType=rep:SystemUser http://localhost:8080/home/users/system/*

But there is an error:

*ERROR* [127.0.0.1 [1465215465364] POST /home/users/system/* HTTP/1.1] org.apache.sling.servlets.post.impl.operations.ModifyOperation Exception during response processing.
javax.jcr.nodetype.ConstraintViolationException: Property is protected: rep:principalName = myuser
    at org.apache.jackrabbit.oak.jcr.delegate.NodeDelegate.setProperty(NodeDelegate.java:525)
    at org.apache.jackrabbit.oak.jcr.session.NodeImpl$35.perform(NodeImpl.java:1358)
    at org.apache.jackrabbit.oak.jcr.session.NodeImpl$35.perform(NodeImpl.java:1346)
    at org.apache.jackrabbit.oak.jcr.delegate.SessionDelegate.perform(SessionDelegate.java:209)
    at org.apache.jackrabbit.oak.jcr.session.ItemImpl.perform(ItemImpl.java:112)
    at org.apache.jackrabbit.oak.jcr.session.NodeImpl.internalSetProperty(NodeImpl.java:1346)
    at org.apache.jackrabbit.oak.jcr.session.NodeImpl.setProperty(NodeImpl.java:432)
    at org.apache.sling.servlets.post.impl.helper.SlingPropertyValueHandler.store(SlingPropertyValueHandler.java:592)
Solution

  • Not sure this is possible through a post request per: https://mail-archives.apache.org/mod_mbox/sling-users/201512.mbox/%3CCAFMYLMb9Wiy+DYmacc5oT7YRWT1hth8j1XAAo_sKT8uq9HoFNw@mail.gmail.com%3E

    The suggested solution is to use the jackrabbit api to do this. This would look something like: 

    //get a user manager

try {
    User systemUser = userManager.createSystemUser("myuser", "/home/users/system");
} catch (Exception e) {
     log.error("Error adding user",e);
     throw e;
}

//commit changes

    It's very important to note that this doesn't allow you to set a password for this user, nor can one be set with user.changePassword() -- when I try that I get an error:

    javax.jcr.UnsupportedRepositoryOperationException: system user

    From the java doc:

    Create a new system user for the specified userID. The new authorizable is required to have the following characteristics:

    • User.isSystemUser() returns true.
    • The system user doesn't have a password set and doesn't allow change the password.

    http://jackrabbit.apache.org/api/2.10/org/apache/jackrabbit/core/security/user/UserManagerImpl.html

    Here's my whole activator class: https://gist.github.com/scrupulo/61b574c9aa1838da37d456012af5dd50