Unexplained rep:policy nodes appearing

Level 2

Good day,

I'm experiencing a "problem" with the AEM publisher that I can't figure out. Every time the AEM 6.0 publisher is restarted, rep:policy nodes are created for all parsys nodes in the /content/* directory with properties "cq:cugEnabled" set to true and "cq:cugPrincipals" containing a string array of CUG roles. The created rep:policy nodes grant administrators the right to everything and deny everyone else all rights.

Can anyone tell me why these rep:policy nodes appear every time I restart my AEM 6.0 publisher instance?

Thanks!

3 Replies

Employee Advisor

Hi,

Obviously you have CUG properties in your publish instance, which is caused by the fact that authors decided to use this functionality (check your page properties).

So whenever a publish instance is started, it checks whether there are CUGs defined for which the ACLs are missing. To get rid of this behaviour I would remove the CUG definitions on author; on the publish side you can set the OSGi property "cug.enabled" to false (service "Day CQ Closed User Group (CUG) Support").

Employee

The CUG is designed to work only on the publish environments and there are no plans to enable this on Author as it is a publishing feature. 

Level 4

Resolved the same issue and created a page for reference.

https://aakul.blogspot.com/2019/05/aem-cug-permissions-gets-reset-post.html

In short, permissions can be deleted if CUG is disabled in AEM < 6.3.

From AEM 6.3, it will use a separate authorization module called oak-authorization-cug, so it will never impact user permissions.