AEM · Dispatcher

AEM | CUG | Dispatcher configuration to cache secure pages


While configuring Dispatcher for some secure pages (defined using CUG), i faced challenges to configure dispatcher, so documenting my finding below:

Scenario: I am using AEM login functionality, With CUG enabled page protection, and using Dispatcher to cache my pages. I want to cache my secure and non-secure pages on dispatcher, but also want secure pages to be accessible to authenticated user only.

I followed following document: https://docs.adobe.com/docs/en/aem/6-1/administer/security/cug.html

Problem: My secure pages are not getting cached on dispatcher. When i configure allowAuthorized as 0, my secure pages get cached but not non-secure pages.

Solution: What i missed is to create multiple farms for same site. Basically we need to create two farm for same site. One is for secure (logged in state) and another for normal state.

  1. Normal state farm wont have authorize flag
  2. Secure state farm will have authorize flag and session configuration
  3. Both farms will have separate cache folder

Learning

  1. We can have multiple farms for same site.
  2. Each farm will entertain same domain, so we need to correctly configure /virtualhosts section of farm  to identify secure pages.
  3. /virtualhosts section can have relative path of same site. eg.
    /virtualhosts {
        # www.mysite.com
        # www.mysite.com/path/for/secure/pages 01
        # www.mysite.com/path/for/secure/pages 02
    }
  4. If you have multiple hierarchy of secure pages in site, make sure to define all hierarchy in /virtualhosts section
Reference:
  1. https://docs.adobe.com/docs/en/aem/6-1/administer/security/cug.html
  2. https://docs.adobe.com/docs/en/dispatcher/disp-config.html
Advertisements

2 thoughts on “AEM | CUG | Dispatcher configuration to cache secure pages

  1. Hi mkbansal!

    I have a requirement to create certain protected pages in my website which would only be accessible to the logged in users failing which the request would be redirected to the login page of the website.

    The catch here is that my users do not reside in AEM and I am checking the authenticity of the login using a third party REST services. I was wondering if I could leverage the Closed Users Groups to satisfy my requirement. If yes, what is the correct way to setup the Closed User Group for the same. Does it require any extra cofigurations/code?

    1. Hello Karttik, You can think of overriding OOB User Login solution and create your custom login which will generate a token which can be provided to AEM to make sure that user is logged in and have access to restricted pages.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s