the secret life of a dispatcher (adobe cq aem)
TRANSCRIPT
Recommendation of a Strategy
The Secret Life of CQ Dispatcher
Venu Gummadala
What is a Dispatcher?
A load balancing &
A caching tool
Dispatcher A Load Balancer
CQ1CQ1CQ1CQ3CQ2
Web server
Dispatcher
www.
Client
Dispatcher A Caching Tool
CQ
Web server
Dispatcher
www.
Client
Dynamic Content
Remote Content
Static Content
Why Use It ?
As a load balancer prevents system from crashing by distributing requests among cq server instances.
As a caching tool improves performance by serving static content locally from your web server.
But
You can also use it behind a physical load balancer.
You can also use it for a single CQ instance.
It is also valid for both Author & Publisher environments.
But .. why not CDNs?
*should not be compared with CDNs really
CDNs are also caching tools
CDNs serve digital assets from a geographical location near to you
CDN is a implemented using a Provider
Dispatcher is OTB and made for CQ
more than a CDN
By serving static content from Web server process it reduces load on CQ server
By enforcing rules it filters un-wanted traffic at the web server level itself
By re-writing urls it protects CQ from hackers realizing the content paths
By blocking url patterns, headers ensures added protection & system failure.
more than a CDN... Continued
Gives the ability to include SSIs before request goes to CQ instance
Improves User Experience on the site by responding quickly when serving static content
Finally .. gives more control how you mange (delete or retain) cached files
Just a module and a config file to be used on a web server
Usually obtained from daycare
Supported web servers :-
Apache Web Server 2.0, 2.2 & 2.4
Microsoft IIS 7.0, 7.5 & 8.0
& Oracle iPlanet Web server 7.0
Instructions to install
dev.day.com/install
How to install?
How to configure?
Edit your dispatcher.any file using any Editor.
Sample dispatcher code structure..
/website
{ /clientheaders{}/virtualhosts{}/sessionmanagement
{}/renders{}/filter{}/cache{/rules{}* preconfigured sample file
here
/cache{ /docroot "/opt/dispatcher/cache" /statfile "/tmp/dispatcher-website.stat" /allowAuthorized "0"
/rules{/0000 { /glob "*" /type "allow" }/0001 { /glob
"/en/news/*" /type "deny" }/0002 { /glob "*/private/*" /type "deny"
} }What is cached ?
Ans: Everything (specified by '*' and 'allow')
What is not cached? ( Or what not to cache ? )
Ans: Content under /en/news path & url containing private
path
Why ? Ans: news can be a feed getting constant updates
private can be personalization or profile data
What is docroot?Ans: location on your webserver where cached content is saved
What is a statfile?
Ans: A file that manages the register of the last time the content
was updated
What is allowAuthorized?Ans: A flag to indicate if auth header,
auth cookie & login-token cookie can be cached
What is Cached ?
& what is not ?
What is not Cached
Urls without file extensions e.g. /content/en is not
cached
Urls with query string parameterse.g.
/content/en/blog/recipe.html?user='amy' is not cached
HTTP 'post' method
HTTP response status != '200 OK'
Header response with 'Dispatcher: no-cache'
What is Cached ? ... Continued
& what is not ?
Dispatcher As a Security Tool
Use filter to allow/deny actions & access to paths/content/tools
Example
/filter {/0001 { /type "deny" /method "POST" /url "/etc/*" }/0002 { /type "allow" /method "GET" /url "/etc/*" /query "a=*" } /0003 { /type "deny" /glob "GET *.infinity.json*" }/0004 { /type "allow" /glob "* *.js *" } # enable javascript/0005{/glob "* /publish/libs/cq/workflow/content/console/archive*"/type "deny" }}
0001: Deny all POST methods0002: Allow GET methods with query parameter = a0003: Prevent json content dumps0004: Allow javascript resource files 0005: Deny access to protected areas & tools .. workflow console in this case.
Dispatcher As a Security Tool
Use virtualhosts forDomain mapping
Re-write urls etc.
Example
/virtualhosts{"www.isoap.com"}/renders{/hostname "internal.isoap.com"/port "4503"}
Appendix
What is static content ? Content which may remain un-changed for a specific amount of time. For e.g. images, scripts, error pages etc.
What is Dynamic Content?Content which may change with time such
as a Sports Score Card, User Blogs, News etc.
More ?
dev.day.com/more
Even more ?
How to configure a publisher environment ?
Even more performance tweaks ?
Deployment landscape & process ?
For commercial implementationsContact:
[email protected]
Thank you ...