| Request for Feature Enhancement (RFE) Summary: |
I have implemented permission-based caching for our secure site. The site will perform user authentication before serving any secure content. I have followed the document for configurations and implementation-https://docs.adobe.com/docs/en/dispatcher/permissions-cache.html
For initial request/cached content not available, the Dispatcher directly calls AEM resulting in displaying the secure page without authentication.
|
| Use-case: |
Use Case 1: The user must be authenticated via the Dispatcher Auth Checker Servlet before serving secure content.
Use Case 2: If the user's authentication via the Dispatcher Auth Checker Servlet fails, the dispatcher will not forward the original request to AEM.
|
| Current/Experienced Behavior: |
Current Behaviour for Use Case 1: When the requested content is not cached, the Dispatcher Auth Checker sends the request directly to the AEM publisher for page rendering, allowing the user to access secure content without authentication.
Current Behaviour for Use Case 2: If user authentication fails, the dispatcher forwards the original request to the AEM publisher for page rendering without authentication.
|
| Improved/Expected Behavior: |
Expected Behaviour for Use Case 1: The user must be authenticated via the Dispatcher Auth Checker Servlet before serving secure content.
Expected Behaviour for Use Case 2: If the user's authentication via the Dispatcher Auth Checker Servlet fails, the dispatcher should not forward the original request to AEM. |
| Environment Details (AEM version/service pack, any other specifics if applicable): |
Cloud Release - 2024.8.17465.20240813T175259Z |
| Customer-name/Organization name: |
Boston Scientific (BSC) |
| Screenshot (if applicable): |
|
| Code package (if applicable): |
|
@GurjotSingh @AkashRamchandani
