In CQ 5.3, when ldap authentication is enabled and a CQ5 user's group membership is removed by an administrator then if the membership was acquired via the jaas configuration's autocreate.user.membership
setting then the membership to this group will be re-added on the user"s next login. In 5.2.1 the group membership was not re-added on subsequent logins.
To explain this more clearly, here is a scenario to demonstrate:
Assume that autocreate.user.membership="site-users"
in the jaas configuration, the site-users group already exists in CQ5 and has ACLs set for editing all pages.
This functionality was intentionally changed in CQ5.3. For further information, please see the documentation here.
CQ 5.2.x to 5.3 Upgrade
Zaloguj się na swoje konto