CQ Provisionning & Authoring

2,499 views
2,369 views

Published on

Adobe Experience Manager (CQ) Provisionning & Authoring

§1 Authentication
- Best Practices
- Authentication Handler
- Login Module

§2 Resource Provisioning
- Best Practices
- Blueprints
- From Actions & Workflows

§3 Author Scalability
- Vertical
- Horizontal

Published in: Technology, Business
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
2,499
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
37
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

CQ Provisionning & Authoring

  1. 1. 1 PROVISIONING & AUTHORING @GabrielWalt – Product Manager – Web Experience Management
  2. 2. 2 PROVISIONING & AUTHORING Presentation Topics 1 Authentication • Best Practices • Authentication Handler • Login Module 2 Resource Provisioning • Best Practices • Blueprints • From Actions & Workflows 3 Author Scalability • Vertical • Horizontal
  3. 3. 3 PROVISIONING & AUTHORING 1 Authentication • Best Practices • Authentication Handler • Login Module
  4. 4. 4 PROVISIONING & AUTHORING 1 Authentication Best Practices Keep it Simple • Don’t micro-manage access rights for individual users or on individual pages • Use groups to assign access rights • Structure content around groups • Use Allow statements to specify group access rights
  5. 5. 5 PROVISIONING & AUTHORING 1 Authentication Authentication Handler Implements the method by which visitors provide credentials. It must implement: • Request Credentials • Extract Credentials • Drop Credentials Example of implementations: • HTTP Basic • Form based • Token based • OpenID • SAML 2.0
  6. 6. 6 PROVISIONING & AUTHORING 1 Authentication Login Module Implements the method by which the server verifies the credentials. Steps to add Login Modules: • OSGi fragment bundle (since 5.5) • Edit repository.xml file & jaas.conf file • Update your startup script • Restart CQ Example Login Modules: • CRX • LDAP
  7. 7. 7 PROVISIONING & AUTHORING 1 Authentication LDAP Login Module Useful Features • Creates the users in the repository • Can assign users to groups from LDAP • Has a cache (with timeout and size settings) • Can sync all users or a list of them at once • Callbacks can be registered on user and group creation
  8. 8. 8 PROVISIONING & AUTHORING 1 Authentication Restful user & group management Create a user curl -u admin:admin -FcreateUser= -FauthorizableId=myUserName -Frep:password=myPassword -Fmembership=myGroupName -Fprofile/myPropertyName=myPropertyValue http://localhost:4502/libs/granite/security/post/authorizables Create a group curl -u admin:admin –FcreateGroup= -FauthorizableId=myGroupName http://localhost:4502/libs/granite/security/post/authorizables
  9. 9. 9 PROVISIONING & AUTHORING 1 Authentication Restful user & group management Edit an existing user $ curl -u admin:admin -Fprofile/myPropertyName=myPropertyValue http://localhost:4502/home/users/m/myUserName.rw.html Set a user’s group memberships (overwriting existing group memberships) $ curl -u admin:admin -Fmembership=myGroupName1 -Fmembership=myGroupName2 http://localhost:4502/home/users/m/myUserName.rw.html Add/Remove users to/from a group (not impacting other memberships) $ curl -u admin:admin -FaddMembers=myUserName1 -FaddMembers=myUserName2 -FremoveMembers=myUserName3 -FremoveMembers=myUserName4 http://localhost:4502/home/groups/m/myGroupName.rw.html
  10. 10. 10 PROVISIONING & AUTHORING 1 Authentication Restful user & group management Get current user’s information $ curl -u admin:admin http://localhost:4502/libs/granite/security/currentuser.json Delete a user or group $ curl -u admin:admin –FdeleteAuthorizable= http://localhost:4502/home/users/m/myUserName
  11. 11. 11 PROVISIONING & AUTHORING 2 Resource Provisioning • Best Practice • Blueprints • From Actions & Workflows
  12. 12. 12 PROVISIONING & AUTHORING 2 Resource Provisioning Best Practice Keep it simple • Keep number of templates low • Keep number of components low • Leverage CSS • Build CSS-friendly markup • Set smart classes on the pages
  13. 13. 13 PROVISIONING & AUTHORING 2 Resource Provisioning Blueprints • Page structure ready to be provisioned • Page structure can be customized (to some extent) • A site owner can be defined (typically a group) • Simple copy or LiveCopy is possible (for keeping pages in sync) • A RolloutConfig can be added (to configure the components used for rendering)
  14. 14. 14 PROVISIONING & AUTHORING 2 Resource Provisioning From Actions & Workflows Useful when resouces needs to be provisioned on demand. Looking at the CQ 5.6+ New Community feature: • Form for creating a new community • Workflow for creating the content and setting ACL
  15. 15. 15 PROVISIONING & AUTHORING 2 Resource Provisioning New Community – deconstructing how it works: 1. New Community Form: • Custom form component • Configurable properties (livecopy & blueprint paths) • Form action => forward.jsp 2. Forward.jsp • Verifies values of submitted form • Opens an admin session • Creates a workflow node (below /etc/social/groups/) • Adds to the workflow payload: • form payload • form properties • current user id
  16. 16. 16 PROVISIONING & AUTHORING 2 Resource Provisioning New Community – deconstructing how it works: 3. Workflow launcher • Has a workflow listening to node creations under /etc/social/groups/ 4. “Create Community Live Copy” Workflow • Creates a Live Copy from the master Community pages • Activates the pages (which is probably not what you would do) • Moves the workflow payload to the created parent page
  17. 17. 17 PROVISIONING & AUTHORING 2 Resource Provisioning 6. “New Social Community Group” Workflow • Creates admin group • Adds original user to the admin group • Sets ACL to the content for the admin group New Community – deconstructing how it works: 5. Workflow launcher • Has a workflow listening to page creation that has a payload
  18. 18. 18 PROVISIONING & AUTHORING 3 Author Scalability • Vertical • Horizontal
  19. 19. 19 PROVISIONING & AUTHORING 3 Author Scalability Vertical Scalability • Setup an Author Dispatcher • Optimize Hardware • Increase CPU, RAM & Disk speed • Server load is affected by • Image rendering & digital asset processing • MSM Rollout • Workflows • Simple Editing Sufficient for at least 50 editors editing content concurrently. Approximation of # of logged-in users (of which only a fraction is editing concurrently!): $ grep access.log
  20. 20. 20 PROVISIONING & AUTHORING 3 Author Scalability Horizontal Scalability Sharding 1: Split different sites (or parts of sites) into separate author instances. Publish instances are shared. A site 1 A site 2 A site 3 editing editing editing P P P replication
  21. 21. 21 PROVISIONING & AUTHORING 3 Author Scalability Horizontal Scalability Sharding 2: Split different sites into separate author instances, but replicate to one main author, e.g. for shared workflow processes. A site 1 A site 2 A site 3 editing editing editing A replication P replication
  22. 22. 22 PROVISIONING & AUTHORING Thank you! @GabrielWalt – Product Manager – Web Experience Management

×