Sunday, February 17, 2019

Creating Scheduler in AEM 6.4

Creating Scheduler in AEM 6.4


1. Implement an @interface with @ObjectClassDefinition annotation. Let's name it SchedulerConfiguration 
2. Provide properties like schedulerName, enabled, cronExpression, and other parameters if required to be configured in config manager
3. Now, implement a scheduler class that implements runnable with @component and @designate as the class annotations
4. Implement @Activate activate(SchedulerConfiguration config), @Deactivate deactivate(..), @Modified modified(..) methods
5. Add scheduler using - scheduler.schedule(this, scheduleOptions) here schedule options will be taken from cronExpression on SchedulerConfiguration.
6. Override run method (required for ruunable interface)


Changes in new Dispatcher - 4.2.3

Changes in new Dispatcher - 4.2.3


Dispatcher

URL decomposition in - path, selectors, extension, suffix, query string

Caching condition :

URL must be allowed by cache rule /cache
URL must have file extension / Not cached because dispatcher will not know what kind of contents are there
No query parameter - Search more about what query parameters are allowed
No suffix without extension
GET method / Now head is not allowed
HTTP response must be 200 OK
May cache 300 Redirect in future
Head must not have cache control headers like dispatcher : no-cache , cache-control : no-cache
For suffix, children of already cached page will not be cached
If you already have child cache for suffix, the child will be deleted and parent will stay


New features :

Response header caching :
This is introduced as encoding may get lost from your site and the contents may not be displayed correctly. So, the header will be cached in new version of dispatcher.

Disposition content header (need to research more)


TTL based invalidation and invalidation-throttling :
Helpful when you have some content/pages those you do not want to automatically invalidate
Way 1:
You can provide cache-control : max-age
and enableTTL
Way 2:
filter.pattern
/gracePeriod
To reduce the load of continuous invalidations

Regular Expressions in /cache and /filter (written inside single quote) :
Earlier :
We deny everything and then allow the required extensions
/filter
{
/001 {/type "deny" /glob "*"}
/002 {/type "allow" /glob ".png"}
/003 {/type "allow" /glob ".jpg"}
/004 {/type "allow" /glob ".jpeg"}

}
Structured approach
/extension added to /filter
/filter
{
/001 {/type "deny" /glob "*"}
/002 {/type "allow" /extension "png"}
/003 {/type "allow" /extension "jpg"}
/004 {/type "allow" /extension "jpeg"}
}

Now:
/filter
{
/001 {/type "deny" /glob "*"}
/002 {/type "allow" /extension '(png|jpe?g)'}
}
here e? means e is optional

Small Things :
1. Cache hit ratio to be displayed on log
2. Also will show farm/backend
3. Each farm can be separated and put in separate files with their order
i.e. 00-farm1.any
01-farm2.any
4. Virtual hosts can now have regular expression. like *.test.com


Wednesday, January 30, 2019

Interview Questions for Architect Level

Interview Questions for Architect Level

What is sling distribution? Or how will you replicate different user groups and permissions across different publishers?
- Used for user synchronization
- User data is stored at oak core, lower later to jcr
- This ensures users, user group and user profiles created on publisher are not replicated to author
- data is sent only to non-originating publishers
- ACLs are included in the distribution
- Locate apache sling distribution agent factory and find out socialpubsync and enable it.

What are the different application security provided in AEM?
- XSS protection
 * cross site scripting. It allows to inject code into webpages by passing the access control.
 * AEM uses antisamy java liberary to protect from it. /libs/cq//xssprotection/config.xml
- CSRF protection
 *Uses tokens to authenticate the request /etc/keys/hmac
- Dos attack protection
 *Making computer resource unavailable for intended users with flood of request or with a request for more information than the application can return.
 *Restrict the selectors
 *Sling Get servlet configuration
 *User fire wall filters
- Configure https
- Always have upto date security hotfixes
- change default passwords of default users
- Custom error handler
- Dispatcher check list to be followed
  *configure white-list of websites those can interact with your site
  *configure filters
  *restrict selectors
  *allow csrf token json path
  *prevent clickjacking by providing X-FRAME-OPTIONS to SAMEORIGIN

What is csrf attack and how to prevent it?
-Referrer filter or CSRF protection framework.
-AEM provides CSRF framework. Which uses tokens to identify the legitimate client requests.
-Any component dependent upon granite.jquery will benefit from this framework.
-granite.csrf.standalone should be your component dependency to make use of the framework.
-to use tokens you need to replicate /etc/keys/hmac to all deployed instances.

One example of solution you've provided in current project?
- Client wanted to remove and recreate solr index for the assets those are activated again.
- Configure solr in AEM
- Make it index asset details like name, tag etc by changing crawContent method
- Create a deleteSolrAssetService and implement method deleteById
- Implement custom transport handler and custom content builder
- Implement canHandle and deliver methods of custom transport handler
- In deliver method handle when it is transport action is replicate and resourceType = dam:assetcontent
- invoke delete Solr asset Service = deleteById method and delete the asset ids exracted from transportContext

Solr implementation?
- Select and download solr zip file from the download site
- start solr with solr start -e cloud - noprompt
- Create and configure solr configuration service. Which should have host, port and other required details for the solr indexing and searching
- Ensure your project as solr dependencies added in pom.xml
- Use HttpSolrClient to send request to solr server from aem
- Define servlets for handling delete/create index commands from front end pages
- Define indexer page using js (usually copied from the solr code given on AEM 6.3 help site)

Multisite management? - How to create blueprint and then how to send the pages for translation. Learn about Smartling.
- Create a source site (most of the times it is in English)
- Determine roll-out configuration
- Determine where roll-out configuration is required and configure it
- create a live copy
- Roll-out the blueprint and synchronize live copy when needed
- For translation configure translation cloud services to connect to the translation service
- Download and install connector package
- Configure page for translation
- Set cloud services in the page that need to be translated

Different types of translation connectors in AEM?
- Download and install translation connector from packageshare
- Configure the translation connector by going to tools>cloud services>legacy cloud services
- Configure translation provider at tools>cloud services>translation cloud services
- Configure properties on site, communities and asset tabs and save
- On page, go to properties and go to cloud services tab and configure translation integration
- go to language master and create a language copy/live copy
- create a translation project and give it a name and provide source and destination languages. Also provide manual or machine translation service to be used.
- Go to translation job and add pages and assets to be translated
- Start the translation process
- Preview and approve the translation
- View the page

Can you please explain about SDI?
- Used for replacing dynamic generated components like price component, current foreign rate component etc
- Used to make whole page cached except the dynamic component
- Use nocache selector to ensure the component is not cached
- Download and install sling dynamic includes bundle
- Configure it via osgi configuration
- Add include module in apache httpd
- Change vhost file for includes
- Allow nocache selector in dispatcher
- Enable ttl in dispatcher
- Include component like --- <!--#include virtual="/content/geometrixx/en/jcr:content/carousel.nocache.html" -->

What is permission sensitive caching?
- Before serving a cached page, dispatcher can determine if the content can be served to the user or not.
- Implement a servlet that authorizes a user
- Configure auth_checker in dispatcher.any
- Dispatcher using this configuration sends request to servlet for authorization with all the header received in the request
- Servlet responds to the dispatcher indicating if the user is authorized or not

Caching in AEM
- Browser caching : cache-control: max-age=
- CDN caching :
- AEM dispatcher caching :


How to ensure client libs are not loaded more than once when they're defined at component level?
- This is taken care by HTL
- The HTL processor at runtime keeps a map of categories that have already been included and does not include them again.

Please view here

Why more than one Publish servers are required on production?
- Redundancy
- Scalability

Please view here


Explain resource bundle hierarchy.

The dictionary entries for one JcrResourceBundle are always ordered like the resource resolver search paths, so usually

dictionary entries below /apps
dictionary entries below /libs
dictionary entries anywhere else (outside the search path)
That means that the message for the same key in /apps overwrites the one in /libs (if both are for the same locale and base name). Within those categories the order is non-deterministic, so if there is more than one entry for the same key in /apps/... (for the same locale and base name), any of those entries may be used.

The resource bundles of the same base name with different locales also form a hierarchy. Each key is looked up recursively first in the current resource bundle and then in its parent resource bundle. The parent resource bundle is the one having the same base name but the parent locale.

The locale hierarchy is ordered like this:

<Language> <Country> <Variant>
<Language> <Country>
<Language>
<Default Locale>, usually en
So for the locale de-DE-MAC the fallback order would be

de-DE-MAC
de-DE
de
en
In case there is a resource bundle requested for a locale without country or variant, there is only 1 fallback (i.e. the default locale). The last resort (root resource bundle in all hierarchies) is always the bundle which returns the requested key as the value.






Some more AEM 6 Interview Questions for Architects

 Some more AEM 6 Interview Questions for Architects 1. Consider you have a workflow with two steps. One step is to transfer the asset from s...