Expand my Community achievements bar.

SOLVED

Configure dispatcher for permission-sensitive caching - Using an external service

Avatar

Level 3
Level 3
1/19/16 5:17:57 AM

Hi,

I followed the documentation on https://docs.adobe.com/docs/en/dispatcher/permissions-cache.html to configure the auth_checker to check the permissions. When I check the dispatcher log I see that the authentication checker is used, but the url is always called on the publish instance. Is it possible to use an external service to validate the permissions?

I want to use an external service, because AEM doesn't contain the users session information.

Kind regards

Views

996

Replies

1
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Community Advisor
Community Advisor
1/19/16 6:16:34 AM

Hi Steven,

 

OOTB functionality does not allow you to point to a custom authentication endpoint. As far as I know.

Ideally, you should handle authentication in publisher boxes. Example impl [1]

This surely, depends on load you are expecting on your servers. Given too big load it would be highly complicated to validate all requests on publishers.

For this use case, you would put a proxy server in between(Publish - Proxy - Dispatcher). Proxy would intercept authentication path requests and forward them to the desired authentication endpoint, which would in return validate user/path and return desired (success|fail) opcode back to the dispatcher.

 

[1] https://helpx.adobe.com/experience-manager/kb/PSCachingDelivery.html

Thanks,

Peter

View solution in original post

Views

739

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
1 Reply

Avatar

Correct answer by
Community Advisor
Community Advisor
1/19/16 6:16:34 AM

Hi Steven,

 

OOTB functionality does not allow you to point to a custom authentication endpoint. As far as I know.

Ideally, you should handle authentication in publisher boxes. Example impl [1]

This surely, depends on load you are expecting on your servers. Given too big load it would be highly complicated to validate all requests on publishers.

For this use case, you would put a proxy server in between(Publish - Proxy - Dispatcher). Proxy would intercept authentication path requests and forward them to the desired authentication endpoint, which would in return validate user/path and return desired (success|fail) opcode back to the dispatcher.

 

[1] https://helpx.adobe.com/experience-manager/kb/PSCachingDelivery.html

Thanks,

Peter

Views

740

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
Related Conversations
Apply folder permission

Views

140

Likes

0

Replies

7
Need Suggestions for the Best Ways to Prepare for the AD0-E127 Exam!

Views

109

Likes

0

Replies

3
Custom Plugin for Inline Dialog in AEM RTE: Assistance with Custom Icon Integration

Views

148

Like

1

Replies

3
Resources for AD0-E129

Views

77

Likes

0

Replies

1
Seeking Expert Advice for 9A0-019 Exam Prep!

Views

115

Likes

0

Replies

3