Back to tool

AEM Dispatcher Rule Tester — User Guide

This tool simulates how the AEM Dispatcher evaluates your filter and cache rules against a request. Everything runs in your browser — nothing is uploaded.

Quick start

  1. Paste your filter rules (the /filter section) into the first box — or click Load sample.
  2. Optionally paste your cache rules (the /cache /rules section) into the second box.
  3. Choose a method and enter a test URL or path.
  4. Read the verdict: Allowed / Denied for the filter, and Cacheable / not for the cache rules — each with the matching rule shown.

How evaluation works

The Dispatcher reads rules top-to-bottom and the last matching rule wins. The tool mirrors this: it lists every rule that matches your URL and applies the last one as the decision. If no rule matches the request filter, the request is denied by default.

What's parsed

Each rule block of the form /0001 { /type "allow" /url "/content/*" } is parsed for:

  • /typeallow or deny.
  • A pattern — from /glob, /url, or /path (first one found).
  • /method — optional; the rule only matches that HTTP method.
  • /extension — optional; the rule only matches that file extension.

Glob patterns support * (any characters) and ? (one character). For request-line style globs like * /content/* *, the path-looking token is used for matching.

Reading the result

  • The winning rule is shown with its rank (e.g. /0001) and full source.
  • No matching rule on the filter means the Dispatcher would deny the request by default.
  • The cache verdict tells you whether the Dispatcher would store the response — useful for confirming that HTML is cached but JSON/secure paths are not.

Limitations

This is a logic simulator for the common /type, /url, /glob, /path, /method, and /extension properties — it does not run a real Apache + Dispatcher module, evaluate /allowedClients, header/cookie rules, or stat-file invalidation. Always confirm critical rules against a real Dispatcher in a non-production environment.

Tips

  • Test both an allowed path (e.g. /content/site/en/page.html) and a path that should be blocked (e.g. /system/console) to confirm your deny rules work.
  • Add a catch-all deny "*" as your first rule and allow specific paths after it — the safest default.