Expand my Community achievements bar.

SOLVED

Permission sensitive caching

Avatar

Level 3

HI ,

 

How can we do permission sensitive caching in Akamai for the resources that have a permission on the origin server like AEM.

it would be great help if  comment who has  already worked on this.

 

Thanks,

Venkatesham

1 Accepted Solution

Avatar

Correct answer by
Community Advisor

@Apmag 

Akamai CDN has no user base where it can check authentication against, so it can't authenticate for permission.

There are two parts in this question: Authentication and Authorization.

 

Authorization

To grant access by urls we would use property manager rules which can match by value, wildcard or regex.

 

Authentication

  • Akamai can validate by Token Auth (this is a simple signed token added as a query parameter or a cookie to a request).
  • JWT-tokens would be possible (requires some advanced configuration, behaviors in property manager are planned).
  • Such tokens need to be set by the origin as is part of origin application.
  • This video gives an simple example with node.js https://www.youtube.com/watch?v=nbZQPkf5k2w
  • Token Auth is the most popular option.

 

Alternatively Akamai can validate incoming requests could be authenticated against origin (as a https request to origin, once responded with 200 access would be granted and the asset can be delivered from Edge).

This methods are called Centralized and Remote Authorization, please check with your Akamai Representative for details.

 

Regards,

Raja

View solution in original post

2 Replies

Avatar

Correct answer by
Community Advisor

@Apmag 

Akamai CDN has no user base where it can check authentication against, so it can't authenticate for permission.

There are two parts in this question: Authentication and Authorization.

 

Authorization

To grant access by urls we would use property manager rules which can match by value, wildcard or regex.

 

Authentication

  • Akamai can validate by Token Auth (this is a simple signed token added as a query parameter or a cookie to a request).
  • JWT-tokens would be possible (requires some advanced configuration, behaviors in property manager are planned).
  • Such tokens need to be set by the origin as is part of origin application.
  • This video gives an simple example with node.js https://www.youtube.com/watch?v=nbZQPkf5k2w
  • Token Auth is the most popular option.

 

Alternatively Akamai can validate incoming requests could be authenticated against origin (as a https request to origin, once responded with 200 access would be granted and the asset can be delivered from Edge).

This methods are called Centralized and Remote Authorization, please check with your Akamai Representative for details.

 

Regards,

Raja