Expand my Community achievements bar.

Dive into Adobe Summit 2024! Explore curated list of AEM sessions & labs, register, connect with experts, ask questions, engage, and share insights. Don't miss the excitement.

Use CUG on AEM 6.3 with SAML authentication without user creation in AEM

Avatar

Level 4

We have a requirement of implementing authentication for with 900k to 1 million users. We are using SAML authentication handler for authentication, but we do not want to create users in AEM  , to void the load of handling 900k to 1 million users in AEM publish instances. We know that for SAML authentication , user need to be present in AEM.

Is it possible to login user with a default user in AEM, after successful SAML authentication ?

Need info AEM 6.2: Ability to extend SAML Authentication Handler for customizing user creation

Can the CUG groups be used for the default user, based on group membership attributes from the SAML assertion?( Or is it necessary to have users created in AEM for the new AEM 6.3 CUG functionality to work properly ? We are thinking of authenticating the user with a default user , and then using group attributes from SAML assertion to use the CUG features .

It is mentioned in very few details in this forum post that for CUG users do not necessarily need to be present in AEM

Custom LoginModule and Closed User Groups

Could the community members please provide their thoughts? Will appreciate it.

Thanks

1 Reply

Avatar

Level 1

I think I have a similar question, I have a customer facing application with multiple tiers of access to functionality that Im thinking of using CUG's to restrict/hide access menu items/content. I have to use SAML SSO with Salesforce as Identity Provider and want to use group policies somehow without creating the users / groups in AEM.