[
https://issues.apache.org/jira/browse/SOLR-1895?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12862643#action_12862643
]
Karl Wright commented on SOLR-1895:
-----------------------------------
Hi Anders,
Indeed, I based some of the code in this ticket on code you had contributed in
SOLR-1834.
If we cooperate, I would suggest that we take the time and effort to understand
both SOLR-1834 and LCF, thoroughly. It is not clear from your comments that
you are familiar with the LCF security model - which to me seems to have many
of the same concepts as your offering, but built as part of an extensible
crawling framework. If you want to become more familiar with LCF, I suggest
that you start here, and look especially into the "Concepts and Terminology"
link.
http://incubator.apache.org/connectors/developer-resources.html
I think I have a good idea of the code in SOLR-1834, but obviously I cannot
read your intent, and how you would anticipate system integrators make use of
this proposal. If you would like to clarify, please provide some use cases
(e.g. reasonably detailed scenarios) so that I'm sure we are both on the same
page. ;-)
Thanks,
Karl
> LCF SearchComponent plugin for enforcing LCF security at search time
> --------------------------------------------------------------------
>
> Key: SOLR-1895
> URL: https://issues.apache.org/jira/browse/SOLR-1895
> Project: Solr
> Issue Type: New Feature
> Components: SearchComponents - other
> Reporter: Karl Wright
> Fix For: 1.5
>
> Attachments: LCFSecurityFilter.java, LCFSecurityFilter.java,
> LCFSecurityFilter.java
>
>
> I've written an LCF SearchComponent which filters returned results based on
> access tokens provided by LCF's authority service. The component requires
> you to configure the appropriate authority service URL base, e.g.:
> <!-- LCF document security enforcement component -->
> <searchComponent name="lcfSecurity" class="LCFSecurityFilter">
> <str
> name="AuthorityServiceBaseURL">http://localhost:8080/lcf-authority-service</str>
> </searchComponent>
> Also required are the following schema.xml additions:
> <!-- Security fields -->
> <field name="allow_token_document" type="string" indexed="true"
> stored="false" multiValued="true"/>
> <field name="deny_token_document" type="string" indexed="true"
> stored="false" multiValued="true"/>
> <field name="allow_token_share" type="string" indexed="true"
> stored="false" multiValued="true"/>
> <field name="deny_token_share" type="string" indexed="true" stored="false"
> multiValued="true"/>
> Finally, to tie it into the standard request handler, it seems to need to run
> last:
> <requestHandler name="standard" class="solr.SearchHandler" default="true">
> <arr name="last-components">
> <str>lcfSecurity</str>
> </arr>
> ...
> I have not set a package for this code. Nor have I been able to get it
> reviewed by someone as conversant with Solr as I would prefer. It is my
> hope, however, that this module will become part of the standard Solr 1.5
> suite of search components, since that would tie it in with LCF nicely.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org
