Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
Bedrock Mission!

Learn more

View all

Sign in to view all badges

SOLVED

Permission Sensitive Caching: Action if failed

BenZahler
Level 2
Level 2

Hi all,

I am implementing the permission sensitive caching as documented here:

http://dev.day.com/docs/en/cq/current/deploying/dispatcher/permissions_cache.html

However, I have a conceptual Problem:

When the Authorization fails, the user should be redirected to a page. The page to be redirected should ideally come from the authorization servlet. I have implemented that in a way that the authorization servlet sends a HTTP 302 response.

This is the HTTP when I invoke authorization servlet directly:

# curl -u admin:admin -v -X GET http://localhost:4502/bin/disclaimercheck
* About to connect() to localhost port 4502 (#0)
*   Trying 127.0.0.1... connected
* Connected to localhost (127.0.0.1) port 4502 (#0)
* Server auth using Basic with user 'admin'
> GET /bin/disclaimercheck HTTP/1.1
> Authorization: Basic YWRtaW46YWRtaW4=
> User-Agent: curl/7.20.1 (i686-pc-cygwin) libcurl/7.20.1 OpenSSL/0.9.8r zlib/1.2.5 libidn/1.18 libssh2/1.2.5
> Host: localhost:4502
> Accept: */*
>
< HTTP/1.1 302 Moved Temporarily
< Connection: Keep-Alive
< Server: Day-Servlet-Engine/4.1.52
< Content-Length: 0
< Date: Wed, 27 Nov 2013 09:08:09 GMT
< Location: http://dev.day.com
< Set-Cookie: cq-authoring-mode=CLASSIC; Path=/
<
* Connection #0 to host localhost left intact
* Closing connection #0

 

When I invoke this in Dispatcher, the communication is:

# curl -v -X HEAD http://******.ch/de/gs/dispatcher/test4ben_dcl.html
* About to connect() to *******.ch port 80 (#0)
*   Trying ******... connected
* Connected to****** port 80 (#0)
> HEAD /de/gs/dispatcher/test4ben_dcl.html HTTP/1.1
> User-Agent: curl/7.20.1 (i686-pc-cygwin) libcurl/7.20.1 OpenSSL/0.9.8r zlib/1.2.5 libidn/1.18 libssh2/1.2.5
> Host:*********
> Accept: */*
>
< HTTP/1.1 200 OK
< Date: Wed, 27 Nov 2013 09:14:40 GMT
< Server: Apache/2.2.25 (Win32) Communique/4.1.4
< X-Frame-Options: SAMEORIGIN
< Location:  http://dev.day.com
< Content-Type: text/html;charset=utf-8
* no chunk, no close, no size. Assume close to signal end
<
* Closing connection #0

As you can see, the location header is configured to be returned to the client, but the HTTP Response status is changed to 200 by Dispatcher. Can this be changed in any way?

And here is the log from the dispatcher:

[Wed Nov 27 10:14:40 2013] [D] [4224(748)] checking [/content/test/de/gs/dispatcher/test4ben_dcl.html]
[Wed Nov 27 10:14:40 2013] [D] [4224(748)] cache file is newer than lastflush -> use cache [C:\***\test\de\gs\dispatcher\test4ben_dcl.html]
[Wed Nov 27 10:14:40 2013] [D] [4224(748)] AuthChecker: connected to render rend01 (localhost:4503)
[Wed Nov 27 10:14:40 2013] [D] [4224(748)] AuthChecker: sending accept: */*
[Wed Nov 27 10:14:40 2013] [D] [4224(748)] AuthChecker: sending host: *****
[Wed Nov 27 10:14:40 2013] [D] [4224(748)] AuthChecker: sending user-agent: curl/7.20.1 (i686-pc-cygwin) libcurl/7.20.1 OpenSSL/0.9.8r zlib/1.2.5 libidn/1.18 libssh2/1.2.5
[Wed Nov 27 10:14:40 2013] [D] [4224(748)] response.headers[Location] = " http://dev.day.com"
[Wed Nov 27 10:14:40 2013] [D] [4224(748)] response.headers[Date] = " Wed, 27 Nov 2013 09:14:40 GMT"
[Wed Nov 27 10:14:40 2013] [D] [4224(748)] response.headers[Content-Length] = " 0"
[Wed Nov 27 10:14:40 2013] [D] [4224(748)] response.headers[Server] = " Day-Servlet-Engine/4.1.52 "
[Wed Nov 27 10:14:40 2013] [D] [4224(748)] response.headers[Connection] = " Close"
[Wed Nov 27 10:14:40 2013] [I] [4224(748)] Authorization Checker did not allow spooling file 'C:\*****\content\test\de\gs\dispatcher\test4ben_dcl.html'
[Wed Nov 27 10:14:40 2013] [D] [4224(748)] cache-action for [/content/test/de/gs/dispatcher/test4ben_dcl.html]: NONE
[Wed Nov 27 10:14:40 2013] [D] [4224(748)] connected to render rend01 (localhost:4503)
[Wed Nov 27 10:14:40 2013] [D] [4224(748)] Spooling request header: accept
[Wed Nov 27 10:14:40 2013] [D] [4224(748)] Spooling request header: host
[Wed Nov 27 10:14:40 2013] [D] [4224(748)] Spooling request header: user-agent
[Wed Nov 27 10:14:42 2013] [D] [4224(748)] Detected: chunked transfer encoding
[Wed Nov 27 10:14:42 2013] [D] [4224(748)] response.status = 200
[Wed Nov 27 10:14:42 2013] [D] [4224(748)] response.headers[Server] = "Day-Servlet-Engine/4.1.52 "
[Wed Nov 27 10:14:42 2013] [D] [4224(748)] response.headers[Content-Type] = "text/html;charset=utf-8"
[Wed Nov 27 10:14:42 2013] [D] [4224(748)] response.headers[Date] = "Wed, 27 Nov 2013 09:14:42 GMT"
[Wed Nov 27 10:14:42 2013] [D] [4224(748)] Content length: -1, written: 25919
[Wed Nov 27 10:14:42 2013] [I] [4224(748)] "HEAD /content/test/de/gs/dispatcher/test4ben_dcl.html" 200 25906 1531ms

 

Dispatcher version is (4.1.4) on Apache 2.2.25

Does anyone have an idea if or how this should work?

 

thanks,

Ben

1 Accepted Solution
BenZahler
Correct answer by
Level 2
Level 2

found the way this works: if the authorization fails, dispatcher serves the page from CQ5 uncached.

That means that any redirection can be implemented in CQ5.

Note that this also means that the authorization must be implemented in the CQ5 content as well!

View solution in original post

1 Reply
BenZahler
Correct answer by
Level 2
Level 2

found the way this works: if the authorization fails, dispatcher serves the page from CQ5 uncached.

That means that any redirection can be implemented in CQ5.

Note that this also means that the authorization must be implemented in the CQ5 content as well!

View solution in original post