Hello All,

            We are creating certain users and assigning ACL permissions programmatically, using below code(partial  code), which is perfectly working in AEM 6.0 but failing in AEM 6.3, throwing below exception.

Coul you please let us know, how to implement the below in AEM 6.3, any helpx document will be helpful.

06.08.2018 13:41:49.267 *ERROR* [qtp1995913297-46126] com.abc.xyz.cms.author-config-2.0.0.SNAPSHOT [com.abc.xyz.cms.bundle.config.AuthorConfigInitializer(3275)] The start method has thrown an exception (java.lang.ClassCastException: org.apache.jackrabbit.oak.spi.security.authorization.cug.impl.CugPolicyImpl cannot be cast to javax.jcr.security.AccessControlList)

java.lang.ClassCastException: org.apache.jackrabbit.oak.spi.security.authorization.cug.impl.CugPolicyImpl cannot be cast to javax.jcr.security.AccessControlList

        at com.abc.xyz.cms.service.persistence.user.impl.AddACLPermiOperation.addACLPermiForGroup(AddACLPermiOperation.java:74)

Partial Code:-

@PerformInSession

public void addACLPermiForGroup(final String groupName, final String path, final String privilege)

        throws UserPersistenceException {

    try {

        UserManagerWrapper userManagerWrapper = userManagerWrapperFactory.createUserManagerWrapper();

        AccessControlManager aMgr = accessControlManagerFactory.createAccessControlManager();

        AccessControlList acl;

        for (String strPath : path.split(PATH_CONFIG_SEPARATOR)) {

            AccessControlPolicyIterator acplItr = aMgr.getApplicablePolicies(strPath);

            if (acplItr.hasNext()) {

                // get first applicable policy (for nodes w/o policy)

               acl = (AccessControlList) acplItr.nextAccessControlPolicy(); // Exception is thrown at this line

            } else {

                // else node already has a policy, get that one

                acl = (AccessControlList) aMgr.getPolicies(strPath)[0];

            }

            for (AccessControlEntry e : acl.getAccessControlEntries()) {

                Principal p = e.getPrincipal();

                if (e.getPrincipal().equals(userManagerWrapper.getExistingAemGroup(groupName).getPrincipal()))

                {

                    acl.removeAccessControlEntry(e);

                }

            }

           String[] privilegeNames = privilege.split(PATH_CONFIG_SEPARATOR);

            Privilege[] privileges = new Privilege[privilegeNames.length];

            for(int i=0; i < privileges.length; i++)

            {

                privileges[i] = aMgr.privilegeFromName(privilegeNames[i]);

            }

            acl.addAccessControlEntry(

                    userManagerWrapper.getExistingAemGroup(groupName).getPrincipal(), privileges);

            aMgr.setPolicy(strPath, acl);

        }

    } catch (RepositoryException e) {

        throw new RetryableRepositoryException(String.format(

                "Failed to add %s ACL permission to %s for %s", privilege, path, groupName, e));

    }

}