Expand my Community achievements bar.

SOLVED

CUG Exempted Principal Behaviour is not proper

Avatar

Level 8

I have added cugCheckUser as CUG on folder given in screenshot 

akshaybhujbale_0-1681294583740.png

Then I have added publishUser in CUG exempted principal configuration as below. 

akshaybhujbale_1-1681294874603.png

 

When I am logging with publishUser credentials. I should able to see the content as publishUser is added in CUG Exempted principal configuration.

akshaybhujbale_2-1681294959397.png

akshaybhujbale_3-1681295053430.png

If I login with cugCheckUser credentials I can see content.

akshaybhujbale_4-1681295114788.png

 

Why CUG Exempted principal not behaving properly.

1 Accepted Solution

Avatar

Correct answer by
Community Advisor

Hi @akshaybhujbale,

It's not working because you are using deprecated configuration. According to the documentation:

Instead of Adobe Granite Closed User Group (CUG) Support (com.day.cq.auth.impl.CugSupportImpl) you should use

Apache Jackrabbit Oak CUG Exclude List (org.apache.jackrabbit.oak.spi.security.authorization.cug.impl.CugExcludeImpl) to define users/groups you would like to exclude from CUG verification.

cug-exclude-osgi.png

View solution in original post

1 Reply

Avatar

Correct answer by
Community Advisor

Hi @akshaybhujbale,

It's not working because you are using deprecated configuration. According to the documentation:

Instead of Adobe Granite Closed User Group (CUG) Support (com.day.cq.auth.impl.CugSupportImpl) you should use

Apache Jackrabbit Oak CUG Exclude List (org.apache.jackrabbit.oak.spi.security.authorization.cug.impl.CugExcludeImpl) to define users/groups you would like to exclude from CUG verification.

cug-exclude-osgi.png