Expand my Community achievements bar.

Guidelines for the Responsible Use of Generative AI in the Experience Cloud Community.
SOLVED

Setting up separate domain in Dispatcher for accessing Content Fragments

Avatar

Level 2

Hi all,

We are implementing Content Fragments to expose content for multiple Mobile applications and below is the structure we are planning to have it.

assets

       Mobilesite1

                  CF1, CF2 ..etc

        Mobilesite2

                  CF1, CF2...etc

We want to expose these fragments using a single domain and this domain should access only content fragments from above structure. Also other AEM website domains( we already have mutliple vhost entries in dispatcher)  should not have access to these Content fragments.

 

How to setup dispatcher for the domain to expose only content fragments and restrict other website domains to expose these content fragments?

 

We are still evaluating options to expose Content Fragments either by Assets API url or using Sling Model Exporter. But not sure whether this will have any impact in defining dispatcher rules to expose CF using a domain.

 

Appreciate suggestions..

 

Thanks.

 

 

 

1 Accepted Solution

Avatar

Correct answer by
Community Advisor

Hi @visa679 

You can setup another v-host and farm file for the content fragment domain and allow only the specific paths that is required for the content fragements.

Rest all paths can be blocked in these files.

 

/filter 
{
/0001 { /type "deny" /glob "*" }
/0002 { /type "allow" /url "/api/contentfragementpath" } # allowing only the content fragement paths
$include "commons/filter.any" # if you have any common rules
}

 

Same way for other brands you can allow only brand specific files and the content fragement paths will be blocked there so they will not be able to access it via dispatcher.

 

Hope this helps!

Thanks!

View solution in original post

5 Replies

Avatar

Correct answer by
Community Advisor

Hi @visa679 

You can setup another v-host and farm file for the content fragment domain and allow only the specific paths that is required for the content fragements.

Rest all paths can be blocked in these files.

 

/filter 
{
/0001 { /type "deny" /glob "*" }
/0002 { /type "allow" /url "/api/contentfragementpath" } # allowing only the content fragement paths
$include "commons/filter.any" # if you have any common rules
}

 

Same way for other brands you can allow only brand specific files and the content fragement paths will be blocked there so they will not be able to access it via dispatcher.

 

Hope this helps!

Thanks!

Avatar

Level 3
Thanks Asutosh. Our Dispatcher configurations are little different. Will try it out.

Avatar

Community Advisor

Hi @visa679 @Antony6790 

 

Let's say all your fragments are located in below path:

http://localhost:4502/assets.html/content/dam/we-retail/cfm/{somepath}

then you can allow only

/content/dam/we-retail/cfm in the CF dispatcher and rest all path can be blocked.

 

Thanks!

Avatar

Level 3

Thanks Asutosh.

 

In our setup, we have one generic publish farm file and in that we have included publish vhost.any, publish filter.any files and other includes. For each site we created a seperate vhost file under conf.d/available_vhost in which we include rewrite.rules file. All these virtual hosts/sites  will have common filter rules inheriting from generic publish farm.

 

So to access Content fragment with new domain, I'm creating another vhost file with rewrite rules.  However this will be inheriting  generic filter.any rules. To avoid this I have created new filter file( with Deny/allow rules) and included filter file in new vhost file.

 

Could you please review this setup and check if there will be any issues?

 

Thanks.

Avatar

Level 3
Also as per doc we can use Assets API to do CRUD operation. How to block create/update/delete operations with Assets API?