- AEM 6.5 Forms Guide
- Release Notes
- Getting Started
- Introduction to AEM Forms
- Introduction to authoring adaptive forms
- Introduction to Interactive Communications
- Introduction to managing forms
- Introduction to Automated Forms Conversion service
- Tutorial: Create your First Adaptive Form
- Tutorial: Create your First Interactive Communication
- AEM Forms Reference Collaterals
- Set up and configure We.Gov and We.Finance reference site
- We.Gov and We.Finance reference site walkthrough
- Employee recruitment reference site walkthrough
- We.Finance Auto Insurance Renewal reference site
- We.Gov reference site FOIA walkthrough
- Reference adaptive form fragments
- Reference Themes
- Reference letter templates
- Configure Microsoft Dynamics 365 for the home mortgage workflow of the We.Finance reference site
- Install and configure AEM Forms
- Architecture and deployment topologies for AEM Forms
- Choosing a persistence type for an AEM Forms installation
- Install AEM Forms on OSGi
- Install AEM Forms on JEE
- Supported platforms for AEM forms on JEE
- Installing and Deploying AEM Forms on JEE Using JBoss Turnkey
- Installing and configuring AEM Forms Document Security server
- Preparing to install AEM Forms (Single Server)
- Installing and Deploying Adobe Experience Manager Forms on JEE for JBoss
- Installing and Deploying Adobe Experience Manager forms on JEE for WebSphere
- Installing and Deploying AEM Forms on JEE for WebLogic
- Install AEM Forms Workbench
- Install and configure Designer
- Preparing to Install AEM Forms (Server Cluster)
- Configuring Adobe Experience Manager Forms on JEE on JBoss Cluster
- Configuring Adobe Experience Manager Forms on JEE on WebSphere Cluster
- Configuring Adobe Experience Manager Forms on JEE on WebLogic Cluster
- Configure AEM Forms
- Performance tuning of AEM Forms server
- Configure adaptive forms cache
- Configuring AEM DS settings
- Configuring the synchronization scheduler
- Configuring the Connector for Microsoft SharePoint
- Connecting AEM Forms with Adobe LiveCycle
- Configuring AEM Forms to submit form data to an AEM Forms on JEE process
- AEM desktop app for AEM Forms
- Upgrade AEM Forms
- Available upgrade paths
- Upgrade AEM Forms on OSGi
- Upgrade AEM Forms on JEE
- Preparing to upgrade AEM Forms
- Adobe Experience Manager Forms on JEE upgrade checklist and planning
- Upgrade to AEM 6.5 forms on JEE
- Upgrading to Adobe Experience Manager Forms on JEE for JBoss
- Upgrading to AEM Forms on JEE for JBoss Turnkey
- Upgrading to Adobe Experience Manager Forms on JEE for WebSphere
- Upgrading to Adobe Experience Manager Forms on JEE for WebLogic
- Manage AEM Forms
- AEM Forms on OSGi Groups and Privileges
- Create new folders to categorize forms
- Searching for forms and assets
- Manage form metadata
- Download an XFA or a PDF form template
- Deleting forms and related resources
- Getting XDP and PDF documents in AEM Forms
- Importing and exporting assets to AEM Forms
- Supporting new locales for adaptive forms localization
- Handling user data
- Hardening AEM Forms Environment
- Form Data Model
- Adaptive Forms - Basic Authoring
- Best practices for working with adaptive forms
- Creating an adaptive form
- Adaptive form fragments
- Configuring the Submit action
- Using CAPTCHA in adaptive forms
- Adaptive forms keywords
- Tables in adaptive forms
- Auto-save an adaptive form
- Configuring redirect page
- Creating accessible adaptive forms
- Creating forms with repeatable sections
- Embed an adaptive form or interactive communication in AEM sites page
- Embed adaptive form in external web page
- Inline styling of adaptive form components
- Introduction to multi-step form sequence
- Layout capabilities of adaptive forms
- Placeholder text in AEM Forms
- Previewing a form
- Reusing adaptive forms
- Separator component in adaptive forms
- Apply electronic signatures to a form using scribble signatures
- AEM Forms Keyboard Shortcuts
- Associating submission reviewers with a form
- Authoring in-context help for form fields
- Use Layout mode to resize components
- Adaptive Forms - Advanced Authoring
- Creating adaptive forms using JSON Schema
- Creating adaptive forms using XML Schema
- Using Adobe Sign in an adaptive form
- Creating and using themes
- Adaptive forms rule editor
- API to invoke form data model service from adaptive forms
- Asynchronous submission of adaptive forms
- Create an adaptive form using a set of adaptive forms
- Adaptive Form Templates
- Adaptive Form Expressions
- Generate Document of Record for adaptive forms
- Improve performance of large forms with lazy loading
- Prefill adaptive form fields
- Using SOM expressions in adaptive forms
- Adding information from user data to form submission metadata
- XFA support in XDP-based adaptive forms
- Grant rule editor access to select user groups
- Using AEM translation workflow to localize adaptive forms and document of record
- Styling constructs for adaptive forms
- Synchronizing Adaptive Forms with XFA Form Templates
- Integrate Adobe Sign with AEM Forms
- Creating and managing reviews for assets in forms
- Embed an adaptive form or Interactive Communication in AEM Sites Single Page Application
- Standard Validation Error Messages Adaptive Forms
- Interactive Communications
- Introduction to Interactive Communication authoring UI
- Create an Interactive Communication
- Using charts in Interactive Communications
- Texts in Interactive Communications
- Conditions in Interactive Communications
- Prepare and send Interactive Communication using the Agent UI
- Print channel and web channel
- Interactive Communications configuration properties
- Generate multiple interactive communications
- Use Layout mode to resize components
- Workflows
- Forms-centric workflow on OSGi
- Forms-centric workflow on OSGi - Step Reference
- Dynamically select a user or group for AEM Forms-centric workflow steps
- Actions and capabilities of Form-centric AEM Workflows on OSGi and AEM Forms JEE workflows
- Initiate Document Services APIs from AEM Workflow
- Logging in AEM Forms workflows
- Variables in AEM workflows
- Share and request access to Inbox items of a user
- Configure Out of Office
- AEM Forms Workspace
- Introduction to AEM Forms workspace
- Working with AEM Forms workspace
- AEM Forms Workspace Architecture
- Features of AEM Forms workspace not available in Flex workspace
- Features of Flex workspace not available in AEM Forms workspace
- Backbone interaction
- Description of reusable components
- Document details for renderer
- Integrating AEM Forms workspace components in web applications
- New render and submit service
- Understanding the folder structure
- Integrating third-party applications in AEM Forms workspace
- AEM Forms workspace JSON object description
- Introduction to Customizing AEM form workspace
- Generic steps for AEM Forms workspace customization
- Changing the locale of AEM Forms workspace user interface
- Creating a new login screen
- Customizing error dialogs
- Customizing tabs for a task
- Customizing the task details page
- Customizing the listing of process instances
- Customizing Task Actions
- Displaying additional data in ToDo list
- Getting Task Variables in Summary URL
- Customize images used in route actions
- Minification of the JavaScript files
- Customize tracking tables
- Updating the link to the documentation
- Working with Formsets in AEM Forms workspace
- APIs used in AEM Forms workspace
- Initiating a new process with existing process data in AEM Forms workspace
- Hosting two AEM Forms workspace instances on one server
- Changing the color scheme of the interface
- Changing the font on the interface
- Changing the organization logo for branding
- Displaying information in the Task Summary pane
- Displaying the user avatar
- Getting started with AEM Forms workspace
- Managing tasks in an organizational hierarchy using Manager View
- Starting processes
- Tracking processes
- Single Sign On and timeout handlers
- Using an adaptive form in HTML Workspace
- Integrating AEM forms workspace with Microsoft Office SharePoint Server
- Working with To-do lists
- Troubleshooting guidelines for AEM Forms workspace
- AEM Forms app
- Introduction to AEM Forms app
- Set up environment for AEM Forms app
- Set up the Xcode project and build the iOS app
- Building a secure AEM Forms app for iOS
- Set up the Visual Studio project and build the Windows app
- Set up the Android studio project and build the Android app
- Build the AEM Forms Android app
- Distribute AEM Forms app
- Gesture customization
- Branding Customization
- Theme Customization
- Logging in to AEM Forms app
- Home screen
- Synchronizing the app
- Working with a Form
- Working with Startpoints
- Opening a task
- Saving a task or form as a draft
- Using autosave in AEM Forms app
- Save forms as templates
- Adding attachments
- Working in the offline mode
- Updating general settings
- Troubleshoot AEM Forms app
- HTML5 Forms
- Introduction to HTML5 forms
- Getting started with HTML5 forms
- Architecture of HTML5 forms
- Feature differentiation between HTML5 forms and PDF forms
- Frequently asked questions (FAQ) for HTML5 forms
- Designing form templates for HTML5 forms
- Best practices for HTML5 forms
- Designing accessible HTML5 forms
- Generate HTML5 preview of an XDP form
- Rendering form template for HTML5 forms
- Enabling attachments for an HTML5 form
- HTML5 forms service proxy
- Optimizing HTML5 forms
- Screen readers for HTML5 forms
- Creating a custom profile for HTML5 forms
- Right-to-left languages in HTML5 forms
- Integrating Form Bridge with custom portal for HTML5 forms
- Create custom appearances in HTML5 forms
- Changing default styles of HTML5 forms
- Picture clause support for HTML5 forms
- Create accessible complex tables in HTML5 forms
- Creating CSS styles for HTML5 forms
- Customizing error messages for HTML5 forms
- Saving an HTML5 form as a draft
- Enable logging for HTML5 forms
- Debugging HTML5 forms
- Scripting support for HTML5 forms
- Form set in AEM Forms
- Letters and Correspondences
- Correspondence Management Overview
- Layout Design
- Data Dictionary
- Document Fragments
- Create Letter
- Create Correspondence
- Remote functions in Expression Builder
- Manage agent signature images
- Post processing of letters and interactive communications
- Add custom action to the Asset Listing view
- Add custom action/button in Create Correspondence UI
- Add custom properties to Correspondence Management assets
- Customize create correspondence UI
- Customize text editor
- Correspondence Management: Troubleshooting
- APIs to access letter instances
- Integrating Create Correspondence UI with your custom portal
- Custom special characters in Correspondence Management
- Custom watermark in letter PDF preview
- Configuring a Correspondence Management solution
- Inline condition and repeat in Interactive Communications and letters
- Document Fragments
- Correspondence Management Configuration Properties
- Integrate AEM Forms with Experience Cloud solutions
- Publish and process AEM Forms
- Introduction to publishing forms on a portal
- Sample for integrating drafts & submissions component with database
- Configuring storage services for drafts and submissions
- Manage Forms applications and tasks in AEM Inbox
- Watched folder in AEM Forms
- Drafts and submissions component
- Embedding link component in a page
- Publishing and unpublishing forms and documents
- Listing forms on a web page using APIs
- Accessing and filling published forms
- Sending a form submission acknowledgement via email
- Create or Configure a watched folder
- Use custom email templates in an Assign Task step
- Use metadata in an email notification
- Forms Portal
- Document Services
- Document Security
- Document security offerings
- Enable AEM to search document security protected PDF documents
- Reader extending policy-protected PDF documents using Portable Protection Library
- Enable AEM to search document security protected PDF and Microsoft Office documents
- Protect a document on behalf of another user
- Forms Designer
- Customize AEM Forms
- Appearance framework for adaptive and HTML5 forms
- Creating a custom adaptive form template
- Creating custom layout components for adaptive forms
- Adding custom action on form lister items
- Customize layout and positioning of error messages of an adaptive form
- Creating a custom toolbar action
- Customizing form event tracking
- Create custom appearances for adaptive form fields
- Customizing Draft and Submission data services
- Dynamically populating drop-down lists
- Writing custom Submit action for adaptive forms
- Creating custom toolbar layout
- Displaying components based on the template used
- Creating custom adaptive form themes
- Transaction Reports
- Administrator help for AEM Forms on JEE
- Get Started
- Setting up and managing domains
- Configuring User Management
- Change the order of evaluation for authentication
- Configure the LDAP bind password
- Configure AEM forms to prefetch domain information
- Configuring certificate-based authentication
- Configure SAML service provider settings
- Enabling single sign-on in AEM forms
- Configure User Management for an SSL-enabled LDAP server
- Importing and exporting the configuration file
- Configure advanced system attributes
- Preventing CSRF attacks
- Setting up and organizing users
- Connecting to a content management system
- Managing certificates and credentials
- Importing and managing applications and archives
- Managing Services
- Managing Endpoints
- Configuring Acrobat Reader DC extensions
- Certificate types used by Acrobat Reader DC extensions
- Recognizing valid and expired certificates in PDF documents
- Configuring Acrobat Reader DC extensions for data capture
- Review credential use information
- Configuring credentials for use with Acrobat Reader DC extensions
- Review the usage rights of a PDF file
- Enabling online commenting for Adobe Reader web browser plug-in
- Setting timeout values for use with Acrobat Reader DC extensions
- Updating expired Reader Extension service certificates
- Working with PDF Generator
- Introduction to working with PDF Generator
- Enabling multi-threaded file conversions
- Configuring Adobe PDF settings
- Configuring security settings
- Configuring file type settings
- Importing and exporting PDF Generator configuration files
- Enable PDF/A support
- Setting up a PDFG Network Printer (Windows only)
- Configuring fallback fonts
- Modifying the PDF Export conversion settings
- Converting files using PDF Generator
- Configuring SSL
- Working with document security
- About document security
- High-volume secure information delivery
- Configuring client and server options
- Managing invited and local user accounts
- Controlling access to policy-protected documents
- Monitoring events
- Creating and managing policies
- Using the document security webpages
- Creating and managing policy sets
- Registering as a User
- Configuring Forms
- Configuring Output
- Configuring forms workflow
- About administration and process terminology
- Managing Processes
- Configuring Business Calendars
- Overview of Forms workflow
- Configuring Out of Office Settings
- Searching for process instances
- Configuring Server Settings
- Working with stalled operations and branches
- Configuring Shared Queues
- Working with tasks
- Configuring Workspace
- Health Monitor
- Maintaining AEM forms
- Maintaining the AEM forms Database
- Maintaining the Application Server
- AEM forms Backup and Recovery
- Backing up and recovering the EMC Documentum repository
- Enabling and disabling safe backup mode
- Backing up the AEM forms data
- Files to back up and recover
- Backup and recovery strategy for AEM forms
- PDF Generator backup limitations
- Backup strategies for watched folders
- Recovering the AEM forms data
- Backup strategy for Connector for EMC Documentum users
- Strategy for backup and restore in a clustered environment
- System information service
- Process Reporting
- Developer Reference
- Developer basics
- HTML Template Language
- AEM plug-in to debug adaptive forms
- AEM Forms Java API Reference
- AEM Forms on JEE Java API Reference
- Form Bridge APIs for HTML5 forms
- JavaScript Library API reference for Adaptive Forms
- Assembler Service and DDX Reference
- Workbench Help
- Programming with AEM Forms on JEE
- Introduction to programming with AEM Forms on JEE
- Developing SPIs for AEM Forms
- Java API Quick Start - Code Examples
- Application Manager Client JavaAPI Quick Start(SOAP)
- Application Manager Service JavaAPI Quick Start(SOAP)
- Assembler Service Java API QuickStart(SOAP)
- Acrobat Reader DC extensions Service Java API Quick Start(SOAP)
- Backup and Restore Service APIQuick Starts
- Barcoded Forms Service Java APIQuick Start(SOAP)
- Components and Services Java APIQuick Start(SOAP)
- Convert PDF Service Java API QuickStart(SOAP)
- Credential Service Java API QuickStart(SOAP)
- Distiller Service Java API QuickStart(SOAP)
- DocConverter Service Java API QuickStart(SOAP)
- Document Management Service (Deprecated)Java API Quick Start(SOAP)
- Document Security Service JavaAPI Quick Start(SOAP)
- Encryption Service Java API QuickStart(SOAP)
- Endpoint Registry Java API QuickStart(SOAP)
- Form Data Integration Service JavaAPI Quick Start(SOAP)
- Forms Service API Quick Starts
- Generate PDF Service Java API QuickStart(SOAP)
- Invocation API Quick Starts
- LiveCycleProcess Java API(SOAP)Quick Start
- Output Service Java API Quick Start(SOAP)
- PDF Utilities Service Java APIQuick Start(SOAP)
- Repository Service API Quick Starts
- Signature Service Java API QuickStart(SOAP)
- Task Manager Service Java API QuickStart(SOAP)
- User Manager Java API Quick Start(SOAP)
- XMP Utilities Service Java APIQuick Start(SOAP)
- Invoking AEM Forms on JEE using APIs
- Performing Service Operations using APIs
- Performing Service Operations Using APIs
- Rendering Forms
- Assembling PDF Documents
- Programmatically Assembling PDF Documents
- Converting Between File Formats and PDF
- Programmatically Disassembling PDF Documents
- Assembling Encrypted PDF Documents
- Assembling Multiple XDP Fragments
- Assembling Documents Using Bates Numbering
- Assembling Non-Interactive PDF Documents
- Assembling PDF Documents with Bookmarks
- Assigning Usage Rights
- Assembling PDF Portfolios
- Calculating Form Data
- Creating Web Applications thatRenders Forms
- Creating PDF Documents with SubmittedXML Data
- Disassemble a PDF document using the web service API
- Determining Whether Documents Are PDF/A-Compliant
- Dynamically Creating DDX Documents
- Handling Submitted Forms
- Optimizing the Performance of theForms Service
- Passing Documents to the FormsService
- Prepopulating Forms with Flowable Layouts
- Rendering Forms Based on Fragments
- Rendering Forms By Value
- Rendering Forms as HTML
- Rendering Forms at the Client
- Rendering HTML Forms Using Custom CSS Files
- Rendering HTML Forms with CustomToolbars
- Rendering Interactive PDF Forms
- Rendering Rights-Enabled Forms
- Validating DDX Documents
- Converting PDF to Postscript andImage Files
- Converting Postscript to PDF Documents
- Creating Document Output Streams
- Digitally Signing and Certifying Documents
- Encrypting and Decrypting PDF Documents
- Importing and Exporting Data
- Managing Users
- Working with AEM Forms Repository
- Working with barcoded forms
- Working with Credentials
- Working with PDF/A Documents
- Working with PDF Utilities
- Working with XMP Utilities
- Preparing AEM Forms for Backup
- Programmatically Managing Endpoints
- Programmatically managing the Preferences Nodes
- Protecting Documents with Policies
- Validate a DDX document using the web service API
- Troubleshooting
- Unable to use some forms features with certain versions of Oracle JDK
- Additional Steps to get Email with Attachment for Adaptive Forms On JEE version
- Unable to convert Word or Excel file to PDF on Windows Server
- Unable to open XFA-based PDF forms in Google Chrome, Firefox, Microsoft Edge, Microsoft Internet Explorer, or Apple Safari
- Unable to restore CRX Repository
- Service unavailable errors after installing AEM 6.5.15.0 service pack
- AEM Forms JEE 6.5.15.0 service pack installation issue on JBoss Linux environment
- EAR Deployment Failing on JEE WebLogic Server
- Legacy documentation
- Using the execute script service in AEM Forms on JEE Workbench to build XML data
- Compressing and decompressing files using a AEM Forms on JEE Custom DSC
- Configuring and troubleshooting an AEM Forms on JEE server cluster
- Generating and working with Hashes in dynamic PDF forms
- Passing credentials using WS-Security headers
Hardening and Securing AEM forms on OSGi environment
Learn recommendations and best practices for securing AEM Forms on OSGi server.
Securing a server environment is of paramount importance for an organization. This article describes recommendations and best practices for securing servers that run AEM Forms. This is not a comprehensive host-hardening document for your operating system. Instead, this article describes various security-hardening settings that you should implement to enhance the security of your deployed application. To ensure that the application servers stay secure, however, you should also implement security monitoring, detection, and response procedures in addition to recommendations provided in this article. The document also contains best practices and guidelines for securing PII (Personally Identifiable Information).
The article is intended for consultants, security specialists, systems architects, and IT professionals who are responsible for planning application or infrastructure development and deployment of AEM Forms. These roles include the following common roles:
- IT and operations’ engineers who must deploy secure web applications and servers in their own or customer organizations.
- Architects and planners who are responsible for planning the architectural efforts for the clients in their organizations.
- IT security specialists who focus on providing security across the platforms within their organizations.
- Consultants from Adobe and partners who require detailed resources for customers and partners.
The following image displays components and protocols that are used in a typical AEM Forms deployment, including the appropriate firewall topology:
AEM Forms is highly customizable and can work in many different environments. Some of the recommendations might not be applicable to your organization.
Secure transport layer
Transport layer security vulnerabilities are among the first threats to any Internet-facing or intranet-facing application server. This section describes the process of hardening hosts on the network against these vulnerabilities. It addresses network segmentation, Transmission Control Protocol/Internet Protocol (TCP/IP) stack hardening, and the use of firewalls for host protection.
Limit open endpoints
An organization can have an external firewall to restrict access between an end-user and AEM Forms publish Farm. The organization can also have an internal firewall to limit access between a publish farm and other within organization elements (For example, author instance, processing instance, databases). Allow firewalls to enable access to a limited number of AEM Forms URLs for end-users and within organizations elements:
Configure external firewall
You can configure an external firewall to allow a certain AEM Forms URLs to access to the internet. Access to these URLs is required to fill or submit an adaptive form, HTML5, correspondence management letter or to login to an AEM Forms server:
| Component | URI |
| Adaptive forms |
|
| HTML5 forms |
|
| Correspondence management |
|
| Forms Portal |
|
| AEM Forms App |
|
Configure internal firewall
You can configure the internal firewall to allow certain AEM Forms components (For example, author instance, processing instance, databases) to communicate with publish farm and other internal components mentioned in the topology diagram:
| Host |
URI |
| Publish Farm (publish nodes) | /bin/receive |
| Processing Server | /content/forms/fp/* |
| Forms Workflow add-on server (AEM Forms on JEE server) | /soap/sdk |
Setup repository permissions and access control lists (ACLs)
By default, assets available on the publish nodes are accessible to everyone. Read-only access is enabled for all the assets. It is required to enable anonymous access. If you plan to restrict form view and submit access only to authenticated users, then use a common group to allow only authenticated users to have read-only access to the assets available on the publish nodes. The following locations/directories contain forms assets which require hardening (read only access for authenticated users):
- /content/*
- /etc.clientlibs/fd/*
- /libs/fd/*
Securely handle forms data
AEM Forms stores data to predefined locations and temporary folders. You should secure the data to prevent an unauthorized use.
Setup periodic cleanup of temporary folder
When you configure forms for file attachments, verify, or preview components, corresponding data is stored on the publish nodes at /tmp/fd/. The data is purged periodically. You can modify the default data purge job to be more aggressive. To modify the job scheduled to purge data, open AEM Web Console, open AEM Forms Temporary Storage Cleaning Task, and modify the Cron expression.
In the above-mentioned scenarios, the data is saved only for authenticated users. Moreover, the data is protected with access control lists (ACLs). So, modifying the data purge is an additional step to securing information.
Secure data saved by forms portal submit action
By default, forms portal submit action of adaptive forms saves data in the local repository of the publish node. The data is saved at /content/forms/fp. It is not recommended to store data on publish instance.
You can configure the storage service to send over-the-wire to the processing cluster without saving anything locally on the publish node. The processing cluster resides in a secure zone behind the private firewall and data remains safe.
Use the credentials of processing server for AEM DS settings service to post data from the publish node to the processing server. It is recommended to use credentials of a restricted non-administrative user with read-write access to repository of processing server. For more information, see Configuring storage services for drafts and submissions.
Secure data handled by form data model (FDM)
Use user accounts with minimum required privileges to configure data sources for form data model (FDM). Using administrative account can provide open access of metadata and schema entities to unauthorized users.
Data integration also provides methods to authorize FDM service requests. You can insert pre and post execution authorization mechanisms to validate a request. The service requests are generated while prefilling a form, submitting a form, and invoking services through a rule.
Pre-process authorization: You can use the pre-process authorization to validate authenticity of a request before executing it. You can use inputs, service and request details to allow or stop execution of the request. You can return a data integration exception OPERATION_ACCESS_DENIED if the execution is stopped. You can also modify client request before sending it for execution. For example, changing input and adding additional information.
Post-process authorization: You can use the post-process authorization to validate and control the results before returning the results to requester. You can also filter, prune, and insert additional data to results.
Limit user access
A different set of user personas are required for author, publish, and processing instances. Do not run any instance with administrator credentials.
On a publish instance:
- Only users of forms-users group can preview, create draft, and submit forms.
- Only users of cm-user-agent group can preview correspondence management letters.
- Disable all non-essential anonymous access.
On an author instance:
-
There are a different set of pre-defined groups with specific privileges for every persona. Assign users to group.
-
A user of forms-user group:
- can create, fill, publish, and submit a form.
- cannot create an XDP-based adaptive form.
- do not have permissions to write scripts for adaptive forms.
- cannot import XDP or any package containing XDP
-
A user of forms-power-user group create, fill, publish, and submit all types of forms, write scripts for adaptive forms, import packages containing XDP.
-
A user of template-authors and template-power-user can preview and create a template.
-
A user of fdm-authors can create and modify a form data model.
-
A user of cm-user-agent group can create, preview, and publish correspondence management letters.
-
A user of workflow-editors group can create an inbox application and workflow model.
-
On processing author:
- For remote save and submit use cases, create a user with read, create, and modify permissions on the content/form/fp path of the crx-repository.
- Add user to workflow-user group to enable a user to use AEM inbox applications.
Secure intranet elements of an AEM Forms environment
In general, Processing clusters and Forms Workflow add-on (AEM Forms on JEE) run behind a firewall. So, these are considered secure. You can still perform a few steps to harden these environments:
Secure processing cluster
A processing cluster runs in the author mode but do not use it for development activities. Do not allow a normal user to be included in content-authors and form-users groups of a processing cluster.
USE AEM best practices to secure an AEM Forms environment
This document provide instructions specific to AEM Forms environment. You should take to ensure that your underlying AEM installation is secure when deployed. For detailed instructions, see AEM Security Checklist documentation.
Business.Adobe.com resources
Resources
Adobe Account
