Grant access to one channel for one content folder

Hi Team,
In “
this document it is restricting the channel with the content path for a particular site as it has two content path. For me 2 channels are there but one root content folder both both the channels.
Can i get suggestion how we can grant access to one channel with the common content floder.
For an example:
i have channels “ch1” and “ch2” but content folder is one in cms that is “mycontent”.
Here how can we grant a permission for a single channel.


your channels are connected to your content via your site node. Two channels can absolutely have the same content root and that is a common pattern to make content sharing between channels simpler. Ootb there aren’t security domains to handle multiple sites, so there is no problem for anything that needs access. Only if you want to restrict access does something need to be done. That can get quite complicated and depends on your use case.

In my case i have 4 channels inside channel manager and points to one root content folder(/content/document/cmscontent).
I am trying to give access permissions for a user group for one channel. That means while i login to cms with the user access i ll see only one particular channel. I have created security domain and given the content folder path like below with highlighted this.

Now if i am login with this user group i am able to see all the channels because here the folder path i have given is same for all the channels/sites(/content/document/cmscontent). i have permissions and all according to the Bloomreach documentation.
My hst:site looks like below

Can we have solution for that plz help.

Is it possible to give access to a particular channel if these channels/sites are pointing to one content root folder. I have explained the full scenario in comment. Please help me if it is possible.


In the upcoming 14.0.0 the (logical) requirement to be able to hide /
grant channels to cms users based on something else than ‘visibility’
on content has become very easy: If the user does not have privilege
“hippo:channel-webviewer” (a new privilege) on the specific channel
configuration, the channel won’t be visible for the user in the
channel mgr

The problem in 13.x and earlier, is that the default hst configuration
domain security setup is very ‘aspect oriented’, aka based on entities
from a specific node (nodetype, nodename, prop value) instead of
hierarchically oriented.

What is desired by Girija can be achieved in pre 14.0.0 as follows:

  1. Create the a channel filter according [1]
  2. Remove ‘/hippo:configuration/hippo:domains/hstconfig/hst-configuration’
    from the ‘hstconfig’
  3. Create a new domains per hst-configuration (group) and assign which
    users have read access to the hst:configuration : The filter from [1]
    will then filter based on that

Note that step (3) is really unhandy and a lot of work pre 14.0.0. It
is possible, but just not very easy to do. In 14.0.0, this is
something that has become very easy. If you can wait for 14.0.0 with
this requirement I’d advice that


Regards Ard


See also: