Expand my Community achievements bar.

Don’t miss the AEM Skill Exchange in SF on Nov 14—hear from industry leaders, learn best practices, and enhance your AEM strategy with practical tips.
SOLVED

CUG Exempted Principal Behaviour is not proper

Avatar

Level 7

I have added cugCheckUser as CUG on folder given in screenshot 

akshaybhujbale_0-1681294583740.png

Then I have added publishUser in CUG exempted principal configuration as below. 

akshaybhujbale_1-1681294874603.png

 

When I am logging with publishUser credentials. I should able to see the content as publishUser is added in CUG Exempted principal configuration.

akshaybhujbale_2-1681294959397.png

akshaybhujbale_3-1681295053430.png

If I login with cugCheckUser credentials I can see content.

akshaybhujbale_4-1681295114788.png

 

Why CUG Exempted principal not behaving properly.

1 Accepted Solution

Avatar

Correct answer by
Community Advisor

Hi @akshaybhujbale,

It's not working because you are using deprecated configuration. According to the documentation:

Instead of Adobe Granite Closed User Group (CUG) Support (com.day.cq.auth.impl.CugSupportImpl) you should use

Apache Jackrabbit Oak CUG Exclude List (org.apache.jackrabbit.oak.spi.security.authorization.cug.impl.CugExcludeImpl) to define users/groups you would like to exclude from CUG verification.

cug-exclude-osgi.png

View solution in original post

1 Reply

Avatar

Correct answer by
Community Advisor

Hi @akshaybhujbale,

It's not working because you are using deprecated configuration. According to the documentation:

Instead of Adobe Granite Closed User Group (CUG) Support (com.day.cq.auth.impl.CugSupportImpl) you should use

Apache Jackrabbit Oak CUG Exclude List (org.apache.jackrabbit.oak.spi.security.authorization.cug.impl.CugExcludeImpl) to define users/groups you would like to exclude from CUG verification.

cug-exclude-osgi.png