Expand my Community achievements bar.

SOLVED

Authentication on Publish

Avatar

Level 10

Hi,

Let us assume that the End user request comes to Dispatcher.

And Dispatcher either serves the already cached content or reaches out to Publish for content.

Let us assume that Publish authenticates based on an LDAP server.

Generally Publish does not authenticate based on LDAP, as LDAP is for the inhouse people mainly.

In this scenario, where is the LDAP authentication done? On Dispatcher or Publish?

It must be on Dispatcher because it has to serve static content (if exists).

Or Closed User Groups (CUG) comes in to picture?

Kindly elaborate the sequence.

Thanks,

Rama.

1 Accepted Solution

Avatar

Correct answer by
Administrator

Caching When Authentication is Used

The /allowAuthorized property controls whether requests that contain any of the following authentication information are cached:

  • The authorization header.
  • A cookie named authorization.
  • A cookie named login-token.

By default, requests that include this authentication information are not cached because authentication is not performed when a cached document is returned to the client. This configuration prevents Dispatcher from serving cached documents to users who do not have the necessary rights.

However, if your requirements permit the caching of authenticated documents, set /allowAuthorized to one: /allowAuthorized "1"

Source:- Configuring Dispatcher

For Permission-sensitive caching :- Caching Secured Content

// Permission-sensitive caching enables you to cache secured pages. Dispatcher checks users' access permissions for a page before delivering the cached page.

Reference :- Permission Sensitive Caching Delivery

Must read:-Re: How to achieve gated content



Kautuk Sahni

View solution in original post

1 Reply

Avatar

Correct answer by
Administrator

Caching When Authentication is Used

The /allowAuthorized property controls whether requests that contain any of the following authentication information are cached:

  • The authorization header.
  • A cookie named authorization.
  • A cookie named login-token.

By default, requests that include this authentication information are not cached because authentication is not performed when a cached document is returned to the client. This configuration prevents Dispatcher from serving cached documents to users who do not have the necessary rights.

However, if your requirements permit the caching of authenticated documents, set /allowAuthorized to one: /allowAuthorized "1"

Source:- Configuring Dispatcher

For Permission-sensitive caching :- Caching Secured Content

// Permission-sensitive caching enables you to cache secured pages. Dispatcher checks users' access permissions for a page before delivering the cached page.

Reference :- Permission Sensitive Caching Delivery

Must read:-Re: How to achieve gated content



Kautuk Sahni