Expand my Community achievements bar.

SOLVED

Closed User Groups in AEM, Calling in the Experts. Here's my take.

Avatar

Level 7

We are trying to serve hidden content in AEM from logged in users using AEM. This is currently not our customer facing problem at the moment, I want to understand how the flow works. But, say we have some users (over 500,000k) users and the list keeps growing. 

We have 2 ideas to get this working as expected.

Micro-Service.
1. For new registers, we will have a form which will add a new user into the database based on the Micro-Service.
2. The Micro-Service will deal with the authentication parts. The customer will attempt to login on the AEM website like Mcdonalds.com; the customer will fill in their username and password, and the hit enter. The micro-service will return a JSON Web Token, with their basic information and authentication token. Once we get a 200OK response from the server, we will make another call to an AEM servlet to authenticate into a common user of AEM. For example this is the "Basic" user. And from there, navigating through the AEM website, they should see Closed User Group Content of the "Basic" user.

AEM Publisher
1. New users registering will be added into AEM's tools > security > users with an AEM backend sightly... and then it will be reverse-replicated back to the author, where it will then replicate the node into all the other publishers.
2. Users will login using AEMaaCS's out of the box AEM's login features. Once logged in, they are navigate through the website. For example all users will be added into the "Basic" user group. And from there, navigating through the AEM website, they should see Closed User Group Content of the "Basic" user.

@aanchal_sikka @arunpatidar @EstebanBustamante @Jörg_Hoh @Rohan_Garg @BrianKasingli @sravs @TarunKumar , do you have any suggestions or experiences with enabling hidden content (closed user groups), to over 1 million authenticated users, because I know it's probably not a good idea for option 2, AEM Publisher.

1 Accepted Solution

Avatar

Correct answer by
Employee Advisor

Hi,

if you just want so split between "logged in (=authorized) users" and "not logged-in users", just configure the "Sling Authentication Service" to require to be logged in at the specific paths. (Unlike on author, this is not configured on publish).

 

Another question: where do you want to maintain the user information? AEM? Some other IDP?

 

View solution in original post

3 Replies

Avatar

Community Advisor

Hi @SupportMember 
If you have pages and their visibilities varies user to user based on if they are part of certain user group, then you have to go with AEM CUG approach.

if it is just about the show/hide content based on authentication or force user to logged in then you can implement something at client side without over loading AEM.



Arun Patidar

Avatar

Correct answer by
Employee Advisor

Hi,

if you just want so split between "logged in (=authorized) users" and "not logged-in users", just configure the "Sling Authentication Service" to require to be logged in at the specific paths. (Unlike on author, this is not configured on publish).

 

Another question: where do you want to maintain the user information? AEM? Some other IDP?

 

Avatar

Administrator

@SupportMember Did you find the suggestion helpful? Please let us know if you require more information. Otherwise, please mark the answer as correct for posterity. If you've discovered a solution yourself, we would appreciate it if you could share it with the community. Thank you!  

 
 


Kautuk Sahni