Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
BedrockMission!

Learn More

View all

Sign in to view all badges

Unable to Run Dispatcher Flush Invalidate.cache

Avatar

Avatar
Validate 1
Level 3
Mayukh007
Level 3

Likes

15 likes

Total Posts

87 posts

Correct Reply

2 solutions
Top badges earned
Validate 1
Shape 1
Ignite 1
Give Back 5
Give Back 3
View profile

Avatar
Validate 1
Level 3
Mayukh007
Level 3

Likes

15 likes

Total Posts

87 posts

Correct Reply

2 solutions
Top badges earned
Validate 1
Shape 1
Ignite 1
Give Back 5
Give Back 3
View profile
Mayukh007
Level 3

31-03-2021

HI,

I am trying to run a jenkins job to flush dispatcher cache and getting below error.

<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access /dispatcher/invalidate.cache
on this server.</p>
<p>Additionally, a 403 Forbidden
error was encountered while trying to use an ErrorDocument to handle the request.</p>
</body></html>

Command I ran:

curl -H "CQ-Action: Delete" -H "CQ-Handle: /content/" -H "CQ-Path: /content/" -H "Content-Length: 0" -H "Content-Type: application/octet-stream" -H "Host:My_env_host_name" http://IP_OF_Dispatcher/dispatcher/invalidate.cache

 

When I login to that dispatcher machine as root user and try to execute that command (or using localhost), I get same error. I know the curl command is good as it works for other AEM Dispatchers.

 

Anybody have any suggestion what can be issue here..?

Accepted Solutions (1)

Accepted Solutions (1)

Avatar

Avatar
Establish
MVP
BrianKasingli
MVP

Likes

591 likes

Total Posts

572 posts

Correct Reply

219 solutions
Top badges earned
Establish
Ignite 1
Give Back 5
Give Back 3
Give Back 10
View profile

Avatar
Establish
MVP
BrianKasingli
MVP

Likes

591 likes

Total Posts

572 posts

Correct Reply

219 solutions
Top badges earned
Establish
Ignite 1
Give Back 5
Give Back 3
Give Back 10
View profile
BrianKasingli
MVP

01-04-2021

@Mayukh007 have a look at this easy to follow the guide, https://sourcedcode.com/blog/aem/how-to-setup-the-aem-dispatcher-flush-agent

- How is the /dispatcher/invalidate.cache generated

- How do we securely allow only specific IP addresses to make a flush cache request?

- How to configure a basic dispatcher flush agent on the AEM publish?

 

As a quick test, please try:

 

# The allowedClients section restricts the client IP addresses that are
# allowed to issue activation requests.
/allowedClients
{
# deny all clients
/0000 { /glob "*" /type "allow" }
}

 

 

Answers (3)

Answers (3)

Avatar

Avatar
Coach
Employee
jbrar
Employee

Likes

380 likes

Total Posts

868 posts

Correct Reply

283 solutions
Top badges earned
Coach
Establish
Give Back 50
Give Back 5
Give Back 3
View profile

Avatar
Coach
Employee
jbrar
Employee

Likes

380 likes

Total Posts

868 posts

Correct Reply

283 solutions
Top badges earned
Coach
Establish
Give Back 50
Give Back 5
Give Back 3
View profile
jbrar
Employee

01-04-2021

The forbidden(403) error means the Publish IP is not allowed to make flush requests to the dispatcher. Basically, the dispatcher checks all the allowedclients and if publish IP is not there, It does not allow any requests from that IP to be run on the dispatcher.

 

Although it seems like a user permissions issue but Its related to allowedlist of IP's

Avatar

Avatar
Affirm 100
Level 10
asutosh_jena
Level 10

Likes

412 likes

Total Posts

505 posts

Correct Reply

137 solutions
Top badges earned
Affirm 100
Ignite 1
Establish
Give Back 50
Give Back 5
View profile

Avatar
Affirm 100
Level 10
asutosh_jena
Level 10

Likes

412 likes

Total Posts

505 posts

Correct Reply

137 solutions
Top badges earned
Affirm 100
Ignite 1
Establish
Give Back 50
Give Back 5
View profile
asutosh_jena
Level 10

31-03-2021

Hi @Mayukh007 

 

You will need to allow the Jenkins IP from your dispatcher allowedClients section in .any file where you have allowed the publish IP already.

 

/allowedClients{
/0000 {
/glob "*.*.*.*"
/type "deny"
}
/0001 {
/glob "10.000.12.00" /* AEM PUBLISH IP */
/type "allow"
}
/0002 {
/glob "10.000.12.98" /* Jenkins IP */
/type "allow"
}
}   

 Thanks!

Avatar

Avatar
Validate 1
Level 6
rush_pawan
Level 6

Likes

91 likes

Total Posts

159 posts

Correct Reply

66 solutions
Top badges earned
Validate 1
Ignite 1
Give Back 5
Give Back 3
Give Back 10
View profile

Avatar
Validate 1
Level 6
rush_pawan
Level 6

Likes

91 likes

Total Posts

159 posts

Correct Reply

66 solutions
Top badges earned
Validate 1
Ignite 1
Give Back 5
Give Back 3
Give Back 10
View profile
rush_pawan
Level 6

31-03-2021