March 29, 2020
Estimated Post Reading Time ~

Debugging Dispatcher Authorization Issues

Recently while doing dispatcher configuration for an AEM Website, I realized
that the cache ratio was 0% and the requests were not caching in the dispatcher.

While checking the dispatcher logs in detail I realized that dispatcher is considering every request as a secure request.

Here, The website is completely static and there is no login and secured content. So why the dispatcher is showing “request contains authorization”.

Because of this issue, all the requests were hitting to publisher every time and that makes the page performance low.

The simple and quick solution for this is to allow caching of authorized content with the dispatcher setting.
But this is not an ideal way of doing it. We need to figure out why this issue is coming.

However this setting now allows caching of secure content, which may be a security concern.

But this is not an ideal way of doing it. We need to figure out why this issue is happening.

So I figured out that Dispatcher was having a public domain and can be accessed from anywhere and client don’t want people to access it before going live.

To resolve this I had added a secure layer in Apache. Because of that additional
security, every request contains “Authorization” in header and
dispatcher understood it as a secure content.

So remember, don’t simply set /allowAuthorized to “1” in order to solve an authorisation problem unless you actually have secured content that you want to cache – there may be other reasons your dispatcher is thinking your request contains authorisation headers.

To solve my issue, I added allowAuthorized as “1” for the appropriate performance testing on pre production server, as client don't want to remove this security layer from dispatcher until go live. 

If I don't do that this may impact the Performance Test results but I will again make it “0” once we go live.


By aem4beginner

No comments:

Post a Comment

If you have any doubts or questions, please let us know.