In this tutorial, I am going to take you through how to set up a dispatcher in AEM. Setting up a dispatcher and configuring it, is generally a job of the system administrator. But now a day’s companies are looking for developers who are multi-tasking and can also take up the job of system admin along with development as and when required. So, it makes it more important to learn how to set up a dispatcher in AEM for developers also.
After completing this tutorial you should be able to tell: -
What is a Dispatcher: -
The dispatcher is the CQ Load balancing and caching tool. It runs on a web server (IIS or Apache). In order to improve CQ response time, it is very important that most of the content is served by the webserver. Dispatcher provides following benefits,
§ Load Balancing: Dispatcher provides a way to balance the load between different publish server.
§ Static Content delivery: Dispatcher provides a powerful way to deliver and invalidate static content.
§ Security: Dispatcher adds an extra layer of security to the CQ hosted site.
§ fail-safe coverage: In case of CQ instance is down dispatcher can serve the request.
In addition to the above benefits, the Dispatcher module provides various configurations to optimize Content delivery in CQ.
Dispatcher Caching Architecture:
Dispatcher follows a simple rule:
§ If a document is present in the cache, dispatcher returns document from the cache
§ If Document is not present in the cache then request is made to CQ instance to serve the document. And depending upon if the document can be cached or not it is cached in the dispatcher.
There are two-way content is updated in Dispatcher:
§ Content Update: Through Syndication request from Author or publish request. This cause cached files to be deleted from dispatcher and update "stat file"
§ Auto invalidation: This caused part of the cache to get invalidated without physically deleting the cached file.
How Dispatcher Returns Document:
Which documents is subjected to caching in Dispatcher:
§ If the document is requested through GET or HEAD request
§ If there is no query parameter (?) in request
§ If there is no extension to request. In that case, the dispatcher can not determine MIME Type and hence can not cache.
§ If there is no authentication header to request.
§ If the document is not denied by caching rule in the dispatcher.
More detail about dispatchers can be obtained from here.
Install Apache Web server on Windows:
Download the previous version binary MSI file http://archive.apache.org/dist/httpd/binaries/win32/ .In these tutorials, I am going to use Apache webserver 2.2 version as a dispatcher is not supported for windows Apache web server 2.4 and above.
Double click the msi file and click next and finish
Note:- If you are getting an error message that port already in use update the port number in httpd.conf file(C:\Program Files (x86)\Apache Software Foundation\Apache2.2\conf) and restart the server. If the webserver is installed successfully then you will receive a screen saying “it works” else you will get a blank screen.
· Go to your httpd.conf file C:\Program Files (x86)\Apache Software Foundation\Apache2.2\conf
· Change default Define SRVROOT or ServerRoot path to absolute path of your apache2.2 folder “C:\Program Files (x86)\Apache Software Foundation\Apache2.2” (Line – 38).
· Update listen port Listen 8080 (Line – 47), it is optional if you don’t want to change you can keep default port as 80.
· Update ServerName localhost:8080 (Line – 173), it is optional if you don’t want to change you can keep default port as 80.
· Go to the bin folder and open the command prompt.
· run httpd -k install
· run httpd -k start
Note:- If you are getting an error message on command prompt that port already in use, go to httpd.conf, it is the dispatcher configuration file. open this file and change the Listen port.
Note:- If you are getting error vcruntime140.dll is missing, then you might not have installed it or try re-installing Visual C++ studio. You can get Microsoft Visual C++ Redistributable from the official Microsoft website. Click the download button
Test successful installation of Apache:-
Goto localhost:8080. If it is successfully installed. you will get an apache haus page. Else you will receive a blank screen.
Installing Dispatcher on the webserver for windows machine:-
It’s very simple to install and a plugin dispatcher on any web server. You just need to follow below steps:-
· Download dispatcher build
· Modify Apache webserver httpd.conf file
· Modify dispatcher.any file
· Restart Apache web server and you are done.
Download dispatcher build:-
Download the latest dispatcher build, but for the window as we don’t have dispatcher build for windows. We are going to use Apache 2.2 as stated above.
· Download dispatcher-apache2.2-windows-x86-4.2.1.zip.
· Unzip the downloaded dispatcher zip file. It will contain:-
§ disp_apache2.2.dll – This is my dispatcher module file, which we will plugin with web server.
§ dispatcher. any – It is our dispatcher configuration file.
§ author_dispatcher.any – Sample file for configuring our dispatcher.
§ httpd.conf.disp2.conf – sample file to configure apache webserver.
· Now got to Apache installation directory C:\Program Files (x86)\Apache Software Foundation\Apache2.2\conf and open httpd.conf file.
· Open you httpd.conf.disp2 also copy below setting from this file to httpd.conf file
§ Copy LoadModule dispatcher_module modules/mod_dispatcher.so at (line 234) and paste anywhere in httpd.conf file. I am going to paste it at (line 130) where my load modules are ending.
Note:-This setting is used by apache webserver to load my dispatcher when the next time the Apache web server is started.
Note:-This setting is used by apache webserver to load my dispatcher when the next time the Apache web server is started.
§ As my dispatcher module name is disp_apache2.2.dll. I will change modules/mod_dispatcher.so in the above line to modules/disp_apache2.2.dll.
§ Now copy the dispatcher level setting from httpd.conf.disp2.conf (Line 236 -284) as shown below and paste it to httpd.conf file after ending of </IfModule> tag. I am pasting it at (line 146) where my if the module is ending. This setting consists of:-
o DispatcherConfig – location of the configuration file
o DispatcherLog– location of the dispatcher log file
o DispatcherPassError – to use your dispatcher for handling errors, if set to 1 then webserver will handle errors.
o DispatcherKeepAliveTimeout – Time interval fo which your request should be kept alive.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
| </strong></em><IfModule disp_apache2.c># location of the configuration file. eg: 'conf/dispatcher.any'DispatcherConfig conf/dispatcher.any# location of the dispatcher log file. eg: 'logs/dispatcher.log'DispatcherLog logs/dispatcher.log# log level for the dispatcher log, can be either specified# as a string or an integer (in parentheses)# error(0): Errors# warn(1): Warnings# info(2): Infos# debug(3): Debug# trace(4): TraceDispatcherLogLevel warn# if turned on, the dispatcher looks like a normal moduleDispatcherNoServerHeader Off# if turned on, request to / are not handled by the dispatcher# use the mod_alias then for the correct mappingDispatcherDeclineRoot Off# if turned on, the dispatcher uses the URL already processed# by handlers preceeding the dispatcher (i.e. mod_rewrite)# instead of the original one passed to the web server.DispatcherUseProcessedURL Off# if turned to 1, the dispatcher does not spool an error# response to the client (where the status code is greater# or equal than 400), but passes the status code to# Apache, which e.g. allows an ErrorDocument directive# to process such a status code.## Additionally, one can specify the status code ranges that should# be left to web server to handle, e.g.## DispatcherPassError 400-404,501DispatcherPassError 0## DispatcherKeepAliveTimeout specifies the number of seconds a# connection to a backend should be kept alive. If not set or# set to zero, connections are not kept alive.##DispatcherKeepAliveTimeout 60</IfModule> |
Note:- Do not paste this if module under any existing if module.
·
§ Now copy the dispatcher handler from httpd.conf.disp2.conf (line 370) to httpd.conf file (line 238) . This will override the default handle of the web server and allow the dispatcher to entertain all income requests. httpd.conf line number might vary in different versions search for the below code in httpd.conf file:-
1
2
3
4
| <Directory />AllowOverride noneRequire all denied</Directory> |
§ and add below code by creating one more directory tag:-
1
2
3
4
5
6
7
8
9
10
11
| <Directory /> <IfModule disp_apache2.c> ModMimeUsePathInfo On # enable dispatcher for ALL request. if this is too restrictive, # move it to another location SetHandler dispatcher-handler </IfModule> Options FollowSymLinks AllowOverride None</Directory> |
· Now copy this disp_apache2.2.dll file from downloaded dispatcher and paste it under C:\Program Files (x86)\Apache Software Foundation\Apache2.2\modules.
· Now copy dispatcher.any file from downloaded dispatcher and paste it under C:\Program Files (x86)\Apache Software Foundation\Apache2.2\conf directory.
· Double click and open dispatcher.any file and let make few modifications to make our dispatcher up and running.
§ Go to line 31 and update the renders section to point our publish instance. Update the hostname if required currently, it is pointing to localhost and port to 4503 (My publish instance port).
§ Go to line 77 and instead of denying all requests lets allow all requests for testing. For Publish instance you should deny all requests and allow specific, For author instance, you should allow all and deny specific.
§ Update cache Doc Root. It should exactly match my httpd.conf Documentroot path. Copy Document root path from httpd.conf file and paste it in dispatcher.any file at line 132.
§ Save all settings and Restart your Apache Web server.
Test Dispatcher Installation:-
· Go to dispatcher.log and you can see Dispatcher initialized in a log file. It means our dispatcher is up.
· To check it is correctly plugin with our publish instance. Simply hit http://localhost:8181/content/geometrixx-outdoors-mobile/en.html and your geometrix page will come up.
Note:- If it is not loading make sure to publish instance is up and check web server error.log and dispatcher.log for more info.
That’s it, You have successfully set up and configured dispatcher on a windows server and plugged in it with AEM 6.2.
Secure CQ Using Dispatcher
CQ Can be used as the frontline for securing your CQ Application. You can keep your CQ in front of your author or publish instance and only allow certain requests to pass. Here is some configuration that you can use to secure your CQ instance.
1) /filters
Through CQ filters you can allow the only certain requests to pass to CQ. Some common best practice you should follow to allow filters are,
§ Starts with Deny all
§ Allow only what is required. Usually, only /content and /etc/designs should be accessed by users
§ Allow only authorized POST request
§ A recommended filter section will look like this.
Dispatcher Filter
# only handle the requests in the following acl. default is 'none'
# the glob pattern is matched against the first request line
/filter
{
# deny everything and allow specific entries
/0001 { /type "deny" /glob "*" }
# open consoles
# /0012 { /type "allow" /glob "* /crx/*" } # allow content repository
# /0013 { /type "allow" /glob "* /system/*" } # allow OSGi console
# allow non-public content directories
# /0021 { /type "allow" /glob "* /apps/*" } # allow apps access
# /0022 { /type "allow" /glob "* /bin/*" }
/0023 { /type "allow" /glob "* /content*" } # disable this rule to allow mapped content only
# /0024 { /type "allow" /glob "* /libs/*" }
# /0025 { /type "deny" /glob "* /libs/shindig/proxy*" } # if you enable /libs close access to proxy
# /0026 { /type "allow" /glob "* /home/*" }
# /0027 { /type "allow" /glob "* /tmp/*" }
# /0028 { /type "allow" /glob "* /var/*" }
# enable specific mime types in non-public content directories
/0041 { /type "allow" /glob "* *.css *" } # enable css
/0042 { /type "allow" /glob "* *.gif *" } # enable gifs
/0043 { /type "allow" /glob "* *.ico *" } # enable icos
/0044 { /type "allow" /glob "* *.js *" } # enable javascript
/0045 { /type "allow" /glob "* *.png *" } # enable png
/0046 { /type "allow" /glob "* *.swf *" } # enable flash
/0047 { /type "allow" /glob "* *.svg *" } # enable SVG
/0048 { /type "allow" /glob "* *.woff *" } # enable woff
/0049 { /type "allow" /glob "* *.ttf *" } # enable ttf
/0050 { /type "allow" /glob "* *.eot *" } # enable eot
/0051 { /type "allow" /glob "* *.jpg *" } # enable jpg
# enable features
/0061 { /type "allow" /glob "POST /content/[.]*.form.html" } # allow POSTs to form selectors under content
/0062 { /type "allow" /glob "* /libs/cq/personalization/*" } # enable personalization
/0063 { /type "allow" /glob "POST /content/[.]*.commerce.cart.json" } # allow POSTs to update the shopping cart
# deny content grabbing
/0081 { /type "deny" /glob "GET *.infinity.json*" }
/0082 { /type "deny" /glob "GET *.tidy.json*" }
/0083 { /type "deny" /glob "GET *.sysview.xml*" }
/0084 { /type "deny" /glob "GET *.docview.json*" }
/0085 { /type "deny" /glob "GET *.docview.xml*" }
/0086 { /type "deny" /glob "GET *.*[0-9].json*" }
/0087 { /type "deny" /glob "GET *.feed.xml*" }
# /0088 { /type "allow" /glob "GET *.1.json*" } # allow one-level json requests
# deny query
# This is only required if dispatching for CQ 5.5 or older
/0090 { /type "deny" /glob "* *.query*" }
}
2) /allowedclients
Through allowed client, you can configure clients (IP or HOST) allowed to initiate flush request. Some good practice for this would be
§ Deny access from everyone.
§ Allow specific allowed client
§ A recommended allowed client section will look like this
Allowed Client Dispatcher
/allowedClients { /0001 { /glob "*.*.*.*" /type "deny" } /0002 { /glob "127.0.0.1" /type "allow" } }
ispatcher zip download link is not working
ReplyDeleteyes, its not working
ReplyDelete