I want to use filtering or similar, any help?
Otis Gospodnetic wrote: > > > That URL to your Solr Admin page should never be exposed to the outside > world. You can play with network, routing, DNS and other similar things > to make sure one can't get to this from the outside even if the URL is > know. > > Otis > -- > Sematext -- http://sematext.com/ -- Lucene - Solr - Nutch > > > > ----- Original Message ---- >> From: pof <melbournebeerba...@gmail.com> >> To: solr-user@lucene.apache.org >> Sent: Thursday, June 25, 2009 7:40:12 PM >> Subject: Re: Solr document security >> >> >> Thats what I was going to do originally, however what is stopping a user >> from >> simply running a search through http://localhost:8983/solr/admin/ of the >> index server? >> >> >> Norberto Meijome-6 wrote: >> > >> > On Wed, 24 Jun 2009 23:20:26 -0700 (PDT) >> > pof wrote: >> > >> >> >> >> Hi, I am wanting to add document-level security that works as >> following: >> >> An >> >> external process makes a query to the index, depending on their >> security >> >> allowences based of a login id a list of hits are returned minus any >> the >> >> user are meant to know even exist. I was thinking maybe a custom >> filter >> >> with >> >> a JDBC connection to check security of the user vs. the document. I'm >> not >> >> sure how I would add the filter or how to write the filter or how to >> get >> >> the >> >> login id from a GET parameter. Any suggestions, comments etc.? >> > >> > Hi Brett, >> > (keeping in mind that i've been away from SOLR for 8 months, but i >> > dont think this was added of late) >> > >> > standard approach is to manage security @ your >> > application layer, not @ SOLR. ie, search, return documents (which >> should >> > contain some kind of data to identify their ACL ) and then you can >> decide >> > whether to show it or not. >> > >> > HIH >> > _________________________ >> > {Beto|Norberto|Numard} Meijome >> > >> > "They never open their mouths without subtracting from the sum of human >> > knowledge." Thomas Brackett Reed >> > >> > I speak for myself, not my employer. Contents may be hot. Slippery when >> > wet. >> > Reading disclaimers makes you go blind. Writing them is worse. You have >> > been >> > Warned. >> > >> > >> >> -- >> View this message in context: >> http://www.nabble.com/Solr-document-security-tp24197620p24212752.html >> Sent from the Solr - User mailing list archive at Nabble.com. > > > -- View this message in context: http://www.nabble.com/Solr-document-security-tp24197620p24246624.html Sent from the Solr - User mailing list archive at Nabble.com.