To enable permission-sensitive caching, add the following section to your farm in the dispatcher.any configuration file. The sample configuration below enables checking for HTML pages only.
Objective
How to enable the permission sensitive caching feature of the dispatcher module.
Steps
This feature requires an additional servlet deployed to AEM (you need to write a servlet that responds to HEAD requests with the correct HTTP status code). After deployment, the dispatcher checks whether a user is allowed to access a cached URI by requesting /bin/permissioncheck.html?uri=<handle>.
    # Authorization checker: before a page in the cache is delivered, a HEAD
    # request is sent to the URL specified in 'url' with the query string
    # '?uri=<page>'. If the response status is 200 (OK), the page is returned
    # from the cache. Otherwise, the request is forwarded to the render and
    # its response returned.
    /auth_checker
      {
      # request is sent to this URL with '?uri=<page>' appended
      /url "/bin/permissioncheck.html"

      # only the requested pages matching the filter section below are checked,
      # all other pages get delivered unchecked
      /filter
        {
        /0000
          {
          /glob "*"
          /type "deny"
          }
        /0001
          {
          /glob "*.html"
          /type "allow"
          }
        }

      # any header line returned from the auth_checker's HEAD request matching
      # the section below will be returned as well
      /headers
        {
        /0000
          {
          /glob "*"
          /type "deny"
          }
        /0001
          {
          /glob "Set-Cookie:*"
          /type "allow"
          }
        }
      }
Next, implement and deploy a servlet like the example below that responds to HEAD requests. A 200 response means the user is allowed to retrieve the file directly from the dispatcher cache. Any status other than 200 means the request is not served from the cache.
Below is sample code that implements the servlet for AEM 6 (thanks to Dominique):
[1] Sample Code
Sample code for the permission sensitive caching servlet. The servlet below responds to HEAD requests with a 200 response if the authenticated user has access to view the specified URI.
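The following servlet is an added example, not the sample code referenced above. It shows one way to answer the dispatcher's HEAD request so that anything other than a confirmed read permission fails closed. The package name, class name, servlet path /bin/permissioncheck (chosen to match the /url in the configuration above) and the use of OSGi Declarative Services annotations are assumptions.

```java
package com.example.dispatcher; // hypothetical package name

import java.io.IOException;
import java.security.AccessControlException;
import javax.jcr.RepositoryException;
import javax.jcr.Session;
import javax.servlet.Servlet;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletResponse;
import org.apache.sling.api.SlingHttpServletRequest;
import org.apache.sling.api.SlingHttpServletResponse;
import org.apache.sling.api.resource.Resource;
import org.apache.sling.api.resource.ResourceUtil;
import org.apache.sling.api.servlets.SlingSafeMethodsServlet;
import org.osgi.service.component.annotations.Component;

// Assumed registration path; it must correspond to /url in the /auth_checker section.
@Component(service = Servlet.class, property = { "sling.servlet.paths=/bin/permissioncheck" })
public class PermissionCheckServlet extends SlingSafeMethodsServlet {

    @Override
    protected void doHead(SlingHttpServletRequest request, SlingHttpServletResponse response)
            throws ServletException, IOException {
        // Fail closed: only a confirmed read permission changes this to 200.
        int status = HttpServletResponse.SC_FORBIDDEN;
        String uri = request.getParameter("uri");
        if (uri != null && uri.startsWith("/")) {
            // Resolve with the requesting user's own resolver so the extension
            // (for example ".html") is stripped and only readable resources resolve.
            Resource resource = request.getResourceResolver().resolve(request, uri);
            Session session = request.getResourceResolver().adaptTo(Session.class);
            if (session != null && !ResourceUtil.isNonExistingResource(resource)) {
                try {
                    session.checkPermission(resource.getPath(), Session.ACTION_READ);
                    status = HttpServletResponse.SC_OK;
                } catch (AccessControlException | RepositoryException e) {
                    // Denied or not verifiable: keep the non-200 status.
                }
            }
        }
        response.setStatus(status);
    }
}
```

A missing or relative uri parameter, an unresolvable resource and a repository error all produce a non-200 status, so the dispatcher does not serve the page from the cache in those cases.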
Applies To
Dispatcher 4.0.2+ and AEM 6.x