Adobe Experience Manager Sites & More

visa679 · 4/8/21

Hi all,

We are implementing Content Fragments to expose content for multiple Mobile applications and below is the structure we are planning to have it.

assets

Mobilesite1

CF1, CF2 ..etc

Mobilesite2

CF1, CF2...etc

We want to expose these fragments using a single domain and this domain should access only content fragments from above structure. Also other AEM website domains( we already have mutliple vhost entries in dispatcher) should not have access to these Content fragments.

How to setup dispatcher for the domain to expose only content fragments and restrict other website domains to expose these content fragments?

We are still evaluating options to expose Content Fragments either by Assets API url or using Sling Model Exporter. But not sure whether this will have any impact in defining dispatcher rules to expose CF using a domain.

Appreciate suggestions..

Thanks.

Asutosh_Jena_ · 4/8/21

Hi @visa679

You can setup another v-host and farm file for the content fragment domain and allow only the specific paths that is required for the content fragements.

Rest all paths can be blocked in these files.

/filter 
{
  /0001 { /type "deny" /glob "*" }
  /0002 { /type "allow" /url "/api/contentfragementpath" } # allowing only the content fragement paths
  $include "commons/filter.any" # if you have any common rules
}

Same way for other brands you can allow only brand specific files and the content fragement paths will be blocked there so they will not be able to access it via dispatcher.

Hope this helps!

Thanks!

View solution in original post

Asutosh_Jena_ · 4/8/21

Hi @visa679

You can setup another v-host and farm file for the content fragment domain and allow only the specific paths that is required for the content fragements.

Rest all paths can be blocked in these files.

/filter 
{
  /0001 { /type "deny" /glob "*" }
  /0002 { /type "allow" /url "/api/contentfragementpath" } # allowing only the content fragement paths
  $include "commons/filter.any" # if you have any common rules
}

Same way for other brands you can allow only brand specific files and the content fragement paths will be blocked there so they will not be able to access it via dispatcher.

Hope this helps!

Thanks!

Antony6790 · 4/12/21

Thanks Asutosh. Our Dispatcher configurations are little different. Will try it out.

Asutosh_Jena_ · 4/12/21

Hi @visa679 @Antony6790

Let's say all your fragments are located in below path:

http://localhost:4502/assets.html/content/dam/we-retail/cfm/{somepath}

then you can allow only

/content/dam/we-retail/cfm in the CF dispatcher and rest all path can be blocked.

Thanks!

Antony6790 · 4/21/21

Thanks Asutosh.

In our setup, we have one generic publish farm file and in that we have included publish vhost.any, publish filter.any files and other includes. For each site we created a seperate vhost file under conf.d/available_vhost in which we include rewrite.rules file. All these virtual hosts/sites will have common filter rules inheriting from generic publish farm.

So to access Content fragment with new domain, I'm creating another vhost file with rewrite rules. However this will be inheriting generic filter.any rules. To avoid this I have created new filter file( with Deny/allow rules) and included filter file in new vhost file.

Could you please review this setup and check if there will be any issues?

Thanks.

Antony6790 · 4/12/21

Also as per doc we can use Assets API to do CRUD operation. How to block create/update/delete operations with Assets API?

Adobe Experience Manager Sites & More

Setting up separate domain in Dispatcher for accessing Content Fragments

Learn

Documentation

Community

Support

Resources

Adobe account

Adobe