Bypass cache for logged-in users | Community
Skip to main content
M
MateuszNo2
Level 2
September 22, 2025
Solved

Bypass cache for logged-in users

  • September 22, 2025
  • 1 reply
  • 242 views

 

We’re running AEM as a Cloud Service with the default Dispatcher setup. For anonymous users, caching works fine. But for logged-in users (after SSO), we don’t want certain pages (like /content/myapp/us/en/dashboard.html) to be cached at all - they should always be fresh from Publish.

I tried adding rules like this in dispatcher:
/0018 {
/type "allow"
/glob "/content/myapp/us/en/dashboard.html"
/headers {
"Cache-Control" "no-store"
}
}

but when I test the page is being cached by Dispatcher

 

 

Best answer by SantoshSai

Hi @mateuszno2,

Try this: 

cache.any

/cache {
  /allowAuthorized "0"           # if request has Authorization, don't cache
  /rules {
    /0010 { /glob "/content/myapp/us/en/dashboard.html*" /type "deny" }  # never cache this path
  }
}

clientheaders.any

Authorization
Cookie

(Forward these so Publish can personalize; Authorization lets /allowAuthorized "0" work.)

Then flush the existing file from the cache (or delete the cached .html under the dispatcher cache root) and retest.

1 reply

SantoshSai
Community Advisor
SantoshSaiCommunity AdvisorAccepted solution
Community Advisor
September 22, 2025

Hi @mateuszno2,

Try this: 

cache.any

/cache {
  /allowAuthorized "0"           # if request has Authorization, don't cache
  /rules {
    /0010 { /glob "/content/myapp/us/en/dashboard.html*" /type "deny" }  # never cache this path
  }
}

clientheaders.any

Authorization
Cookie

(Forward these so Publish can personalize; Authorization lets /allowAuthorized "0" work.)

Then flush the existing file from the cache (or delete the cached .html under the dispatcher cache root) and retest.

Santosh Sai
    giuseppebaglio
    giuseppebaglio
    Level 10
    September 23, 2025

    Additionally, to prevent a page from being cached in the CDN, you should set specific response headers:

     

    HeaderPurpose
    Cache-Control: no-cacheCache must check with server before using a cached response
    Cache-Control: no-storeCache must not store this response
    Cache-Control: must-revalidateOnce cached response is stale, must revalidate before serving
    Pragma: no-cacheHTTP 1.0 backward-compatible no-caching directive
    Expires: 0Response is immediately expired; do not serve from cache
    Terms & ConditionsAccessibility statement

    Loading footer...