Sure. I will adding a page to documentation on this soon but in the meantime here is a short explanation that can get your started. Please note that this security implementation is for enforcement only.
Take a look at: https://github.com/apache/incubator-blur/blob/master/blur-core/src/test/java/org/apache/blur/thrift/BlurClusterTestSecurity.java To enable security you need to set a property on a table by table basis (or set is globally in blur-site.propeties). blur.record.security=true // see setupTableProperties method in the test Next you will need to add acl-read fields and optionally acl-discover fields. You can choose the column names. client.addColumnDefinition(name, new ColumnDefinition(family, columnName1, null, false, "acl-read", null, false)); client.addColumnDefinition(name, new ColumnDefinition(family, columnName2, null, false, "acl-discover", null, false)); // see postTableCreate in the test NOTE: You will need to do this for each family in the table. Next you will need to add ACLs to each record. record.addToColumns(new Column(columnName1, "role1|role2")); record.addToColumns(new Column(columnName2, "role3")); // see mutate in the test See http://accumulo.apache.org/1.6/accumulo_user_manual.html#_security_label_expression_syntax for security label expression syntax. Last to actually perform the search, you will need to setup the user. Map<String, String> attributes = new HashMap<String, String>(); attributes.put(BlurConstants.ACL_READ, "role1,role6,role2"); attributes.put(BlurConstants.ACL_DISCOVER, "role4,role5"); User user = new User("username", attributes); UserContext.setUser(user); // Run search UserContext.reset(); Hope this helps get you started. Aaron On Wed, Jan 21, 2015 at 8:31 AM, Dibyendu Bhattacharya < [email protected]> wrote: > Hi, > > I see some recent changes around Blur Security features and Access > Controls. Can you please share some examples/documentation how to use this. > > Regards, > Dibyendu >
