We have a requirement of implementing authentication for with 900k to 1 million users. We are using SAML authentication handler for authentication, but we do not want to create users in AEM , to void the load of handling 900k to 1 million users in AEM publish instances. We know that for SAML authentication , user need to be present in AEM.
Is it possible to login user with a default user in AEM, after successful SAML authentication ?
Can the CUG groups be used for the default user, based on group membership attributes from the SAML assertion?( Or is it necessary to have users created in AEM for the new AEM 6.3 CUG functionality to work properly ? We are thinking of authenticating the user with a default user , and then using group attributes from SAML assertion to use the CUG features .
It is mentioned in very few details in this forum post that for CUG users do not necessarily need to be present in AEM
I think I have a similar question, I have a customer facing application with multiple tiers of access to functionality that Im thinking of using CUG's to restrict/hide access menu items/content. I have to use SAML SSO with Salesforce as Identity Provider and want to use group policies somehow without creating the users / groups in AEM.