Expand my Community achievements bar.

Join us in celebrating the outstanding achievement of our AEM Community Member of the Year!
Celebrate the Success!
SOLVED

Authentication on Publish

Avatar

Level 10
Level 10
2/1/18 6:09:44 AM

Hi,

Let us assume that the End user request comes to Dispatcher.

And Dispatcher either serves the already cached content or reaches out to Publish for content.

Let us assume that Publish authenticates based on an LDAP server.

Generally Publish does not authenticate based on LDAP, as LDAP is for the inhouse people mainly.

In this scenario, where is the LDAP authentication done? On Dispatcher or Publish?

It must be on Dispatcher because it has to serve static content (if exists).

Or Closed User Groups (CUG) comes in to picture?

Kindly elaborate the sequence.

Thanks,

Rama.

Views

818

Replies

1
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Administrator
Administrator
2/12/18 3:25:20 AM

Caching When Authentication is Used

The /allowAuthorized property controls whether requests that contain any of the following authentication information are cached:

  • The authorization header.
  • A cookie named authorization.
  • A cookie named login-token.

By default, requests that include this authentication information are not cached because authentication is not performed when a cached document is returned to the client. This configuration prevents Dispatcher from serving cached documents to users who do not have the necessary rights.

However, if your requirements permit the caching of authenticated documents, set /allowAuthorized to one: /allowAuthorized "1"

Source:- Configuring Dispatcher

For Permission-sensitive caching :- Caching Secured Content

// Permission-sensitive caching enables you to cache secured pages. Dispatcher checks users' access permissions for a page before delivering the cached page.

Reference :- Permission Sensitive Caching Delivery

Must read:-Re: How to achieve gated content



Kautuk Sahni

View solution in original post

Views

680

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
1 Reply

Avatar

Correct answer by
Administrator
Administrator
2/12/18 3:25:20 AM

Caching When Authentication is Used

The /allowAuthorized property controls whether requests that contain any of the following authentication information are cached:

  • The authorization header.
  • A cookie named authorization.
  • A cookie named login-token.

By default, requests that include this authentication information are not cached because authentication is not performed when a cached document is returned to the client. This configuration prevents Dispatcher from serving cached documents to users who do not have the necessary rights.

However, if your requirements permit the caching of authenticated documents, set /allowAuthorized to one: /allowAuthorized "1"

Source:- Configuring Dispatcher

For Permission-sensitive caching :- Caching Secured Content

// Permission-sensitive caching enables you to cache secured pages. Dispatcher checks users' access permissions for a page before delivering the cached page.

Reference :- Permission Sensitive Caching Delivery

Must read:-Re: How to achieve gated content



Kautuk Sahni

Views

681

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
Related Conversations
View nodes in Local Publish instance via CRXDE Solved

Views

146

Likes

0

Replies

5
Deploy different repositories, at different times on the same AEM cloud instance Solved

Views

251

Likes

0

Replies

5
The “Create Content Fragment” option is not appearing in DAM on AEM 6.5. Solved

Views

223

Likes

0

Replies

5
Page Unresponsive / UI lockup on copy pasting component within form

Views

89

Likes

0

Replies

3
Expose content fragment from AEM publish environment

Views

110

Likes

0

Replies

2