The secret life of a dispatcher (Adobe CQ AEM)

4,669 views

Published on

Adobe CQ AEM Platform.
Business Case: To improve performance of a website running on Adobe CQ AEM platform & secure it using CQ Dispatcher.

Published in: Technology

The secret life of a dispatcher (Adobe CQ AEM)

  1. 1. The Secret Life of CQ Dispatcher Venu Gummadala
  2. 2. What is a Dispatcher? ➲ A load balancing & ➲ A caching tool
  3. 3. Dispatcher – A Load Balancer CQ1CQ1CQ1 CQ3CQ2 Web server Dispatcher Client
  4. 4. Dispatcher – A Caching Tool CQ Web server Dispatcher Client Dynamic Content Remote Content Static Content
  5. 5. Why Use It ? ➲ As a load balancer prevents system from crashing by distributing requests among cq server instances. ➲ As a caching tool improves performance by serving static content locally from your web server.
  6. 6. But … ➲ You can also use it behind a physical load balancer. ➲ You can also use it for a single CQ instance. ➲ It is also valid for both Author & Publisher environments.
  7. 7. But .. why not CDNs? *should not be compared with CDNs … really ➲ CDNs are also caching tools ➲ CDNs serve digital assets from a geographical location near to you ➲ CDN is a implemented using a Provider ➲ Dispatcher is OTB and made for CQ
  8. 8. more than a CDN ➲ By serving static content from Web server process it reduces load on CQ server ➲ By enforcing rules it filters un-wanted traffic at the web server level itself ➲ By re-writing urls it protects CQ from hackers realizing the content paths ➲ By blocking url patterns, headers ensures added protection & system failure.
  9. 9. more than a CDN... Continued ➲ Gives the ability to include SSIs before request goes to CQ instance ➲ Improves User Experience on the site by responding quickly when serving static content ➲ Finally .. gives more control how you mange (delete or retain) cached files
  10. 10. ➲ Just a module and a config file to be used on a web server ➲ Usually obtained from daycare ➲ Supported web servers :- Apache Web Server – 2.0, 2.2 & 2.4 Microsoft IIS – 7.0, 7.5 & 8.0 & Oracle iPlanet Web server – 7.0 ➲ Instructions to install dev.day.com/install How to install?
  11. 11. How to configure? ➲ Edit your dispatcher.any file using any Editor. ➲ Sample dispatcher code structure.. /website { /clientheaders { } /virtualhosts { } /sessionmanagement { } /renders { } /filter { } /cache { /rules { } ➲ * preconfigured sample file here
  12. 12. /cache   {    /docroot "/opt/dispatcher/cache"    /statfile  "/tmp/dispatcher-website.stat"             /allowAuthorized "0"   /rules   {    /0000  { /glob "*" /type "allow" }    /0001  { /glob "/en/news/*" /type "deny" }    /0002  { /glob "*/private/*" /type "deny"  }      } ➲ What is cached ? Ans: Everything (specified by '*' and 'allow')  ➲ What is not cached? ( Or what not to cache ? ) Ans: Content under /en/news path & url containing private path ➲ Why ?  Ans: news can be a feed getting constant updates       private can be personalization or profile data ➲ What is docroot? Ans: location on your webserver where cached content is saved ➲ What is a statfile? Ans: A file that manages the register of the last time the content was updated ➲ What is allowAuthorized? Ans: A flag to indicate if auth header, auth cookie & login-token cookie can b cached   What is Cached ? & what is not ?
  13. 13. What is not Cached … ➲ Urls without file extensions e.g. /content/en is not cached ➲ Urls with query string parameters e.g. /content/en/blog/recipe.html?user='amy' is not cached ➲ HTTP 'post' method ➲ HTTP response status != '200 OK' ➲ Header response with 'Dispatcher: no-cache' What is Cached ? ... Continued & what is not ?
  14. 14. Dispatcher As a Security Tool ➲ Use filter to allow/deny actions &  access to paths/content/tools    Example /filter {  /0001 { /type "deny" /method "POST" /url "/etc/*" }  /0002 { /type "allow" /method "GET" /url "/etc/*" /query "a=*" }  /0003 { /type "deny"  /glob "GET *.infinity.json*" }  /0004 { /type "allow" /glob "* *.js *"    }  # enable javascript  /0005     {     /glob "* /publish/libs/cq/workflow/content/console/archive*"     /type "deny"    } } 0001: Deny all POST methods 0002: Allow GET methods with query parameter = a 0003: Prevent json content dumps 0004: Allow javascript resource files  0005: Deny access to protected areas & tools .. workflow console in this case. 
  15. 15. Dispatcher As a Security Tool   ➲ Use virtualhosts for ● Domain mapping ● Re-write urls etc. ➲ Example /virtualhosts       {       "www.isoap.com"       }     /renders       {       /hostname "internal.isoap.com"       /port "4503"       }
  16. 16. Appendix ➲ What is static content ? Content which may remain un-changed for a specific amount of time. For e.g. images, scripts, error pages etc. ➲ What is Dynamic Content? Content which may change with time such as a Sports Score Card, User Blogs, News etc.
  17. 17. More ? ➲ dev.day.com/more ➲ Even more ? ➲ How to configure a publisher environment ? ➲ Even more performance tweaks ? ➲ Deployment landscape & process ? ➲ For commercial implementations Contact: Venu.Gummadala@gmail.com Thank you ...

×