Configure dispatcher for permission-sensitive caching - Using an external service

Question

Hi,I followed the documentation on https://docs.adobe.com/docs/en/dispatcher/permissions-cache.html to configure the auth_checker to check the permissions. When I check the dispatcher log I see that the authentication checker is used, but the url is always called on the publish instance. Is it possible to use an external service to validate the permissions?I want to use an external service, because AEM doesn't contain the users session information.Kind regards

Peter_Puzanovs · Accepted Answer

Hi Steven,

OOTB functionality does not allow you to point to a custom authentication endpoint. As far as I know.

Ideally, you should handle authentication in publisher boxes. Example impl [1]

This surely, depends on load you are expecting on your servers. Given too big load it would be highly complicated to validate all requests on publishers.

For this use case, you would put a proxy server in between(Publish - Proxy - Dispatcher). Proxy would intercept authentication path requests and forward them to the desired authentication endpoint, which would in return validate user/path and return desired (success|fail) opcode back to the dispatcher.

[1] https://helpx.adobe.com/experience-manager/kb/PSCachingDelivery.html

Thanks,

Peter

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded