If the user from administrators group if not available in CUG still able to access to folder. Since it is exception to CUG.
So is there any other group which is the exception to CUG.
Also can we create group with exception to CUG
Solved! Go to Solution.
Views
Replies
Total Likes
No, you cannot detect by an API if a principal is allowed to access a CUG protected resource by this exemption list or by any other means. Because normally it should not matter, and exemption list should only be used for admin usecases.
If you really need to distinguish those 2 cases, you need to implement this feature on your own (as indicated by @arunpatidar ); in any way I would suggest you to create a ticket with Adobe support and raise this requirement there. Pleas include detailled description of your requirement, so product management can evaluate if this is just an edge case or a more common case which might benefit if supported ootb.
Yes, it is possible, you need to configure it at
@arunpatidar Thanks
so is there any property by which we can recognize that this group is exempted from CUG?
What is the usecase that your code needs to know if a user is member of one of these configured groups? Normally it should not be necessary to know that, because the CUGs are implemented on a repository level with ACLs.
share the link of above screenshot settings
This is osgi configuration, please check from webconsole.
The osgi config name is in the screenshot.
you can use same above osgi component/service to fetch its configurations.
@arunpatidar yah but I am looking for api for any property through which I can differentiate the normal user and cug exempted user or group.
For my usecase I need this.
Manually fetch using configuration wont work in my usecase.
Please if you can help me on this it will very helpfull for me.
Thanks
I am not aware of any of the api, that does that
Probably you can create your own using sling servlet and osgi service.
It is possible, but does your usecase really differentiate between a user which has access to a location provided by a membership in a random group compared to a user which is member of group listed in the exempted principal list?
Hi @Jörg_Hoh to implement my usecase I just need exempted principal list but that should be through api not manuall.
Or if there any property which can that the particular user is exempted that will also work.
No, you cannot detect by an API if a principal is allowed to access a CUG protected resource by this exemption list or by any other means. Because normally it should not matter, and exemption list should only be used for admin usecases.
If you really need to distinguish those 2 cases, you need to implement this feature on your own (as indicated by @arunpatidar ); in any way I would suggest you to create a ticket with Adobe support and raise this requirement there. Pleas include detailled description of your requirement, so product management can evaluate if this is just an edge case or a more common case which might benefit if supported ootb.