Expand my Community achievements bar.

SOLVED

Authentication on Publish

Avatar

Level 10
Level 10
2/1/18 6:09:44 AM

Hi,

Let us assume that the End user request comes to Dispatcher.

And Dispatcher either serves the already cached content or reaches out to Publish for content.

Let us assume that Publish authenticates based on an LDAP server.

Generally Publish does not authenticate based on LDAP, as LDAP is for the inhouse people mainly.

In this scenario, where is the LDAP authentication done? On Dispatcher or Publish?

It must be on Dispatcher because it has to serve static content (if exists).

Or Closed User Groups (CUG) comes in to picture?

Kindly elaborate the sequence.

Thanks,

Rama.

Views

790

Replies

1
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Administrator
Administrator
2/12/18 3:25:20 AM

Caching When Authentication is Used

The /allowAuthorized property controls whether requests that contain any of the following authentication information are cached:

  • The authorization header.
  • A cookie named authorization.
  • A cookie named login-token.

By default, requests that include this authentication information are not cached because authentication is not performed when a cached document is returned to the client. This configuration prevents Dispatcher from serving cached documents to users who do not have the necessary rights.

However, if your requirements permit the caching of authenticated documents, set /allowAuthorized to one: /allowAuthorized "1"

Source:- Configuring Dispatcher

For Permission-sensitive caching :- Caching Secured Content

// Permission-sensitive caching enables you to cache secured pages. Dispatcher checks users' access permissions for a page before delivering the cached page.

Reference :- Permission Sensitive Caching Delivery

Must read:-Re: How to achieve gated content



Kautuk Sahni

View solution in original post

Views

652

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
1 Reply

Avatar

Correct answer by
Administrator
Administrator
2/12/18 3:25:20 AM

Caching When Authentication is Used

The /allowAuthorized property controls whether requests that contain any of the following authentication information are cached:

  • The authorization header.
  • A cookie named authorization.
  • A cookie named login-token.

By default, requests that include this authentication information are not cached because authentication is not performed when a cached document is returned to the client. This configuration prevents Dispatcher from serving cached documents to users who do not have the necessary rights.

However, if your requirements permit the caching of authenticated documents, set /allowAuthorized to one: /allowAuthorized "1"

Source:- Configuring Dispatcher

For Permission-sensitive caching :- Caching Secured Content

// Permission-sensitive caching enables you to cache secured pages. Dispatcher checks users' access permissions for a page before delivering the cached page.

Reference :- Permission Sensitive Caching Delivery

Must read:-Re: How to achieve gated content



Kautuk Sahni

Views

653

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
Related Conversations
Broken mapping in AEM publishers Solved

Views

101

Likes

0

Replies

2
AEM links with more than one # are delete by editor Solved

Views

205

Likes

0

Replies

6
Can we publish AEM sites on our AMS environment from Assets on cloud ?

Views

56

Likes

0

Replies

1
Display custom messages to end user on AEM UI once after workflow execution is completed

Views

111

Like

1

Replies

3
Not able to access AEM experience fragments directly in publisher

Views

187

Likes

0

Replies

3