Adobe Experience Manager Sites & More

akshaybhujbale · 4/12/23

I have added cugCheckUser as CUG on folder given in screenshot

Then I have added publishUser in CUG exempted principal configuration as below.

When I am logging with publishUser credentials. I should able to see the content as publishUser is added in CUG Exempted principal configuration.

If I login with cugCheckUser credentials I can see content.

Why CUG Exempted principal not behaving properly.

lukasz-m · 5/5/23

Hi @akshaybhujbale,

It's not working because you are using deprecated configuration. According to the documentation:

https://experienceleague.adobe.com/docs/experience-manager-65/administering/security/cug-mapping.htm...

Instead of Adobe Granite Closed User Group (CUG) Support (com.day.cq.auth.impl.CugSupportImpl) you should use

Apache Jackrabbit Oak CUG Exclude List (org.apache.jackrabbit.oak.spi.security.authorization.cug.impl.CugExcludeImpl) to define users/groups you would like to exclude from CUG verification.

View solution in original post

lukasz-m · 5/5/23

Hi @akshaybhujbale,

It's not working because you are using deprecated configuration. According to the documentation:

https://experienceleague.adobe.com/docs/experience-manager-65/administering/security/cug-mapping.htm...

Instead of Adobe Granite Closed User Group (CUG) Support (com.day.cq.auth.impl.CugSupportImpl) you should use

Apache Jackrabbit Oak CUG Exclude List (org.apache.jackrabbit.oak.spi.security.authorization.cug.impl.CugExcludeImpl) to define users/groups you would like to exclude from CUG verification.

Adobe Experience Manager Sites & More

CUG Exempted Principal Behaviour is not proper

Learn

Documentation

Community

Support

Resources

Adobe account

Adobe