What is the out-of-the-box response of the dispatcher when requesting a URL which is defined as deny in /filter setting of the dispatcher?
A. 400
B. 404
C. 403
Solved! Go to Solution.
Views
Replies
Total Likes
C. 404
The dispatcher module for Adobe Experience Manager (AEM) uses the /filter setting to define which URLs should be allowed or denied. If a URL is explicitly denied in these settings, the dispatcher returns a 403 (forbiden) as we might think, but really it returns 404 NOT FOUND status code. This is a security measure to prevent access to restricted resources, ensuring that the denied URLs are not accessible by unauthorized users or requests.
Adobe Official Documentation: https://experienceleague.adobe.com/en/docs/experience-manager-dispatcher/using/configuring/dispatche...
--------------------------------
In addition to learning dispatcher:
The best way to determine correct configurations either your AEM project or dispatcher configurations is following Adobe best practices is to check the WKND project on github. Looking at these files exposes best practices for how an AEM website should be built.
For your dispatcher question about 400,403,500,etc... lets take a look at how the WKND project have implemented this, https://github.com/adobe/aem-guides-wknd/blob/main/dispatcher/src/conf.d/available_vhosts/wknd.vhost
From here, you can see that they have setup:
ErrorDocument 404 ${404_PAGE}
ErrorDocument 500 ${500_PAGE}
ErrorDocument 502 ${500_PAGE}
ErrorDocument 503 ${500_PAGE}
ErrorDocument 504 ${500_PAGE}
Confused on the variables, it can be found here -> https://github.com/adobe/aem-guides-wknd/blob/main/dispatcher/src/conf.d/variables/custom.vars
In addition to your question about error pages, you must create these error pages on your AEM author and publish these pages,
Hi @bhavigoyal
B. 404
the /filter defines allowed and denied requests. URL denied by a filter the dispatcher won't process it further, Since the request isn't processed and the content isn't found, a 404 Not Found response is the most appropriate.
It seems your answer is correct but i think for better explanation below article is suitable which state that if we deny all it gives 404 but for specified area deny it gives 403.
Am I correct??
Views
Replies
Total Likes
right
if you configure the Dispatcher to deny access to specific areas, requests to those areas will result in a 403 error (forbidden), indicating that access is explicitly denied.
The key is how the /filter rules are defined in the Dispatcher’s configuration.
C. 404
The dispatcher module for Adobe Experience Manager (AEM) uses the /filter setting to define which URLs should be allowed or denied. If a URL is explicitly denied in these settings, the dispatcher returns a 403 (forbiden) as we might think, but really it returns 404 NOT FOUND status code. This is a security measure to prevent access to restricted resources, ensuring that the denied URLs are not accessible by unauthorized users or requests.
Adobe Official Documentation: https://experienceleague.adobe.com/en/docs/experience-manager-dispatcher/using/configuring/dispatche...
--------------------------------
In addition to learning dispatcher:
The best way to determine correct configurations either your AEM project or dispatcher configurations is following Adobe best practices is to check the WKND project on github. Looking at these files exposes best practices for how an AEM website should be built.
For your dispatcher question about 400,403,500,etc... lets take a look at how the WKND project have implemented this, https://github.com/adobe/aem-guides-wknd/blob/main/dispatcher/src/conf.d/available_vhosts/wknd.vhost
From here, you can see that they have setup:
ErrorDocument 404 ${404_PAGE}
ErrorDocument 500 ${500_PAGE}
ErrorDocument 502 ${500_PAGE}
ErrorDocument 503 ${500_PAGE}
ErrorDocument 504 ${500_PAGE}
Confused on the variables, it can be found here -> https://github.com/adobe/aem-guides-wknd/blob/main/dispatcher/src/conf.d/variables/custom.vars
In addition to your question about error pages, you must create these error pages on your AEM author and publish these pages,
its 404