Adobe Experience Manager Sites & More

You may still cache say 10-20% of the requests with specific patterns and extensions but I don't think that's worth the effort.

However, after reading this "caution statement", I'm confused that is it even a real-life use case? Even if you use multiple authors, say for load-balancing, then Touch UI would still be utilized for majority of interactions which breaks the deal.

Caution Statement

if you are using AEM with Touch UI you should not cache author instance content.

We could disable /crx/de and other paths in the author itself rather than using dispatcher for this use case. Same goes with ACLs/security aspects

It's not the same approach.

By using the dispatcher you could disable it without give access to the AEM instance.

An other point is that in a typical architecture you cannot expose directly the AEM instance in internet but you need to use an Apache.

In fact the AEM instance need to be used in VPN and the business could use the Apache which is in DMZ.

And as i told before, with dispatcher you could also enable the https that in some cases need to be used for some request (e.g. authentication with some external system).

https://helpx.adobe.com/experience-manager/dispatcher/using/security-checklist.html#Enable HTTPS for transport layer security

Good point about security, antoniom54959291​, indeed https is required for SSO integration or authentication flow if handled by directly by author.

Does anyone know why Touch UI requests cannot be cached? All content related GET calls have timestamped URL query so they are bypassing cache anyway.

You cannot cache the touch UI request because otherwise you are not able to use the new version of css or js if you install a new SP or CFP. And you need to delete the generated cache manually after the update of your instance.

Just for HTTPS/Security, you don't need a reverse proxy(Dispatcher), you could simply use a normal proxy and achieve the same results.

Hi gauravb10066713,

as i told in the previous responses is not only for HTTPS, but also for security.

If you need some other info you can just check the standard configuration in the author_dispatcher.any (that you have in the default installation) to understand which are all the security configuration that are applied in a dispatcher in front of the author.

Thanks,

Antonio

You cannot cache the touch UI request because otherwise you are not able to use the new version of css or js if you install a new SP or CFP. And you need to delete the generated cache manually after the update of your instance.

I don't think it is the case otherwise Classic UI was also mentioned. There is something specific to Touch UI they had in mind