A repository connector supplies access tokens for each document. These access tokens can be either "allow" or "deny", and are added to an appropriate index in Solr. An authority connector maps user name (and domain) to the user's access tokens, which are incorporated into the search query done to locate documents.
All of this is explained quite thoroughly in ManifoldCF in Action. Karl On Mon, Jul 11, 2011 at 10:44 AM, Farzad Valad <ho...@farzad.net> wrote: > At some point, I'll need to integrate security into my work. When are the > access tokens mapped? Meaning when (which connector) do you map the token > to users and files, before it can be ready to access? > > On 7/9/2011 10:59 AM, daddy...@gmail.com wrote: >> >> The way mcf works is that you supply access tokens, which are arbitrary >> strings, with the document. You then need a corresponding authority >> connector which obtains the access tokens for a given user. the search >> engine then intersects the two at query time. >> >> Karl >> >> Sent from my Nokia phone >> -----Original Message----- >> From: Piergiorgio Lucidi >> Sent: 09/07/2011, 9:14 AM >> To: connectors-dev@incubator.apache.org; daddy...@gmail.com >> Subject: Re: CONNECTORS-221 and ACLs >> >> >> Hi Karl, >> >> my main goal was to create indexes of ACL informations in Solr to allow >> users to execute profiled queries. >> >> This means that create indexes all the informations about ACL is needed to >> write an AuthorityConnector, but I tried to take a look at the authority >> interface and I didn't see any way to get ACL using CMIS without the >> information about the current document. So I need the current >> documentIdentifier to get ACL from a content. >> >> Is this the correct approach or am I missing something? >> Thank you. >> >> Piergiorgio >> >> 2011/7/9 daddy...@gmail.com<daddy...@gmail.com> >> >>> Hi Piergiorgio, >>> >>> I am out of town this weekend so I cant comment fully and i havent yet >>> looked at your new patch. However, you will need to rethink how the acls >>> work with the cmis connector. MCF is designed to support multiple >>> connectors, with their own security arrangements, all working at the same >>> time, which means the cmis connector must operate within mcfs security >>> framework to be valid. >>> >>> If you have signed up for the ManifoldCF in Action book, I can send you a >>> number of chapters which will help. Based on what youve done so far I >>> would >>> guess you will need to write a cmis authority. You want chapters 4, 7, >>> and >>> 8, seems to me. >>> >>> Karl >>> >>> Sent from my Nokia phone >>> >> > >
