Unlocking a locked page in AEM by any user

This article explains how you can unlock a page in Adobe Experience Manager (AEM) that had been locked by a different user. For a long time, a locked page in AEM could be unlocked only by the user who locked the page or the default master “admin” account. Even members of the administrators group could not unlock it. However, this issue has now been addressed in AEM as a Cloud Service v. 2024.10.

Description description

Environment

Adobe Experience Manager as a Cloud Service (AEMaaCS)

Issue/Symptoms

A page, locked either manually or programmatically, can be unlocked only by the user that put the lock on the page or the default master admin  user.

Is there a way to break the lock if the user or the admin are unavailable?

Resolution resolution

Following the implementation of the new features of Apache Jackrabbit OAK in AEMaaCS 2024.10, any user who is specified OR is a member of a group that is specified as administrativePrincipals in the following OSGi configuration can unlock a page in AEMaaCS.

Apache Jackrabbit Oak AuthorizationConfiguration (org.apache.jackrabbit.oak.security.authorization.AuthorizationConfigurationImpl)

By default, the user group “administrators” is the only value in the list of administrativePrincipals. However, you can add other users or groups in AuthorizationConfiguration using the property administrativePrincipals. For instance, the example below includes an additional group “unlockers”.

Caution: administrativePrincipals are granted full permissions on the complete repository content.

{
  "administrativePrincipals":[
    "administrators",
    "unlockers"
  ]
}

There are several ways to set OSGI configs in in AEMaaCS. For full details, refer to Configuring OSGi for Adobe Experience Manager as a Cloud Service.

Related reading

Allowing users to impersonate other users in AEM as a Cloud Service