Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
Bedrock Mission!

Learn more

View all

Sign in to view all badges

SOLVED

Dispatcher Configurations for POST request

Avatar

Level 3

We have a global deny rule on dispatcher 

/0001 { /type "deny" /glob "*" }

 

and have allowed specific POST requests via rules like 

 { /type "allow" /url "POST /content/[.]*.form.html" }  #Example rule

 

However, on publishers an autodiscover request is landing

POST /content/mySite/AutoDiscover/autodiscover.xml HTTP/1.1] org.apache.sling.servlets.post.impl.operations.ModifyOperation Unable to create resource named autodiscover.xml in /content/mySite/AutoDiscover

 

Though we have a allow rule for content tree

 {/type "allow" /glob "/content/mySite*" }

 

Any suggestions on how could this request be 

1. Generating

2. Landing on publishers, even after the global deny rule

 

 

1 Accepted Solution

Avatar

Correct answer by
Level 4

Hi @maheshp , The dispatcher filter rule  {/type "allow" /glob "/content/mySite*" } allows both POST and GET request , thus the Autodiscovery.xml is getting requested on the publisher. To simple check this you can direct call your website URL from postman with POST call and it will give you 200.

 

To block the all other call and to only allow the get request to pass through use this filter

{/type "allow" /method "GET"  /url"/content/mySite*" }

View solution in original post

1 Reply

Avatar

Correct answer by
Level 4

Hi @maheshp , The dispatcher filter rule  {/type "allow" /glob "/content/mySite*" } allows both POST and GET request , thus the Autodiscovery.xml is getting requested on the publisher. To simple check this you can direct call your website URL from postman with POST call and it will give you 200.

 

To block the all other call and to only allow the get request to pass through use this filter

{/type "allow" /method "GET"  /url"/content/mySite*" }