Hi Karl, I am testing updated ManifoldCFQParserPlugin.java and what i did in my implementation is to update for handling Alfresco ACLs also,For same i need to do taks as below. 1. Update ManifoldCFQParserPlugin.java to accommodate multiple sources : alfresco or sharepoint or both. As per source selected, i need to create boolean queries after adding checks to see what type of source is passed. 2. I am adding multiple conditions as per content source passed. E.g. for sharepoint, i need not to do anything and need to move it as per check.But if alfresco is selected, i need to have a condition based on content source as to which mechanism to use as sharepoint uses different acls method than alfresco. 3. If both are selected, i need to handle it in different condition check. Also i am passing content source to ManifoldCFQParserPlugin.java beforehand to accomplish this.
Please suggest. Regards. On Tue, Aug 12, 2014 at 6:43 PM, lalit jangra <[email protected]> wrote: > Thanks a lot Karl, > > I will follow the steps and update you. > > Regards. > > > On Tue, Aug 12, 2014 at 6:30 PM, Karl Wright <[email protected]> wrote: > >> Directions for modifying the solr plugin: >> >> (1) Download the plugin source package from the mcf site >> (2) Unpack >> (3) In ManifoldCFQParserPlugin.java, go to line 276. The query clause >> that comes from ManifoldCF has been constructed by that point. Instead of >> returning that query, though, also construct your Alfresco clause based on >> passed-in Alfresco access tokens. You can access these tokens from the >> incoming parameters using code like this: >> >> String[] alfrescoTokens = params.getParams("alfresco_tokens"); >> >> You will need to form the alfresco tokens into a Query and merge that >> Query with the one from ManifoldCF. >> >> Karl >> >> >> >> On Tue, Aug 12, 2014 at 8:07 AM, Karl Wright <[email protected]> wrote: >> >>> I think that would fix the issue, yes. Stop passing anything in "fq=" >>> and modify the plugin. >>> >>> Karl >>> >>> >>> On Tue, Aug 12, 2014 at 7:42 AM, lalit jangra <[email protected]> >>> wrote: >>> >>>> Thanks Karl, >>>> >>>> So it means to me that i need to update ManifoldCFQParserPlugin.java to >>>> accommodate for alfresco also and as we are passing AuthenticateUserName >>>> for SharePoint, we need to devise a meachanism to pass ACLs for alfresco as >>>> well and modify parse() method to make combined query? >>>> >>>> This would be the fix for issue? >>>> >>>> Please suggest. >>>> >>>> Regards. >>>> >>>> >>>> On Tue, Aug 12, 2014 at 5:05 PM, Karl Wright <[email protected]> >>>> wrote: >>>> >>>>> Hi Lalit, >>>>> >>>>> It occurs to me that even if you use the MCF search component, you >>>>> will still need to make customizations, because otherwise only documents >>>>> visible to the SharePoint user will be visible. >>>>> >>>>> I think that if you can pass the alfresco access tokens in via another >>>>> argument (say, "alfresco="), then you can modify the query-parser plugin >>>>> to >>>>> do what you need. >>>>> >>>>> Karl >>>>> >>>>> >>>>> >>>>> On Tue, Aug 12, 2014 at 7:27 AM, Karl Wright <[email protected]> >>>>> wrote: >>>>> >>>>>> Hi Lalit, >>>>>> >>>>>> The MCF query-parser plugin does have access to the incoming "fq" >>>>>> parameter, but in order to do anything useful with it it would have to >>>>>> parse it, and turn it into a Query. In addition, you would need to >>>>>> decide >>>>>> whether the passed-in fq argument should: >>>>>> >>>>>> -- RESTRICT the documents further that match the MCF authorization >>>>>> criteria >>>>>> -- ADD documents that do not match the MCF authorization criteria >>>>>> >>>>>> It can't be both, so I can't see making this a general feature. For >>>>>> these reasons I don't recommend this approach. Instead, you should be >>>>>> able >>>>>> to add the MCF search component to the standard query processing chain, >>>>>> and >>>>>> that should always work. The biggest question is just where in the chain >>>>>> you put the plugin. >>>>>> >>>>>> Thanks, >>>>>> Karl >>>>>> >>>>>> >>>>>> >>>>>> On Tue, Aug 12, 2014 at 7:08 AM, lalit jangra < >>>>>> [email protected]> wrote: >>>>>> >>>>>>> Thanks Karl, >>>>>>> >>>>>>> Does it mean that i need to update OOTB MCF-Solr component i.e. >>>>>>> ManifoldCFQParserPlugin.java and pass all my arguments there and update >>>>>>> the >>>>>>> final query? >>>>>>> >>>>>>> Currently i am using filter queries to maintain resultsets from >>>>>>> different sources : alfresco & sharepoint as index from alfresco & >>>>>>> sharepoint are stored into same solr collection. >>>>>>> E.g. If i search for alfresco, it works fine but if i search for >>>>>>> sahrepoint using AuthenticatedUserName only without using filter to >>>>>>> return >>>>>>> results from sharepoint, i get results from both alfresco(as open items >>>>>>> from MCF-Solr plugin) & sharepoint. >>>>>>> >>>>>>> Please suggest. >>>>>>> >>>>>>> Regards. >>>>>>> >>>>>>> >>>>>>> On Tue, Aug 12, 2014 at 3:44 PM, Karl Wright <[email protected]> >>>>>>> wrote: >>>>>>> >>>>>>>> Hi Lalit, >>>>>>>> >>>>>>>> The ManifoldCF query parser plugin only has the option of >>>>>>>> generating a filter query from incoming arguments. It does not have >>>>>>>> the >>>>>>>> option of replacing the incoming arguments: >>>>>>>> >>>>>>>> >>>>>> >>>>>>>> public Query parse() >>>>>>>> <<<<<< >>>>>>>> >>>>>>>> It is Solr that decides whether an fq argument you pass overrides a >>>>>>>> queryparser's plugin output. I can't change how that works. >>>>>>>> >>>>>>>> For what you are trying to do, you may do better by using the MCF >>>>>>>> search component instead, since that modifies the whole query, rather >>>>>>>> than >>>>>>>> just the fq field. >>>>>>>> >>>>>>>> Karl >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> On Tue, Aug 12, 2014 at 6:07 AM, lalit jangra < >>>>>>>> [email protected]> wrote: >>>>>>>> >>>>>>>>> Thanks Karl, >>>>>>>>> >>>>>>>>> It means that is seems to be clash between two fq or filter >>>>>>>>> queries. First fq is set by MCF-Solr plugin which return SharePoint >>>>>>>>> user >>>>>>>>> tokens and then i am using another fq to create filter query based on >>>>>>>>> content_source etc. which overwrites previous one >>>>>>>>> >>>>>>>>> How can i consume incoming MCF-Solr plugin into second/other fq >>>>>>>>> here as i could not see any results coming from MCF-Solr plugin? Also >>>>>>>>> as i >>>>>>>>> am passing AutheticatedUserName as raw query parameter, i was >>>>>>>>> expecting >>>>>>>>> results to be replaced inline within query itself. >>>>>>>>> >>>>>>>>> Please suggest. >>>>>>>>> >>>>>>>>> Regards. >>>>>>>>> >>>>>>>>> >>>>>>>>> On Tue, Aug 12, 2014 at 3:20 PM, Karl Wright <[email protected]> >>>>>>>>> wrote: >>>>>>>>> >>>>>>>>>> Hi Lalit, >>>>>>>>>> >>>>>>>>>> Yes, it seems likely that the MCF solr plugin is setting fq to >>>>>>>>>> the right query expression, and then you are later setting fq to >>>>>>>>>> something >>>>>>>>>> else entirely with your own plugin. >>>>>>>>>> >>>>>>>>>> Your plugin must take the incoming fq field and include it in the >>>>>>>>>> final expression. >>>>>>>>>> >>>>>>>>>> Karl >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> On Tue, Aug 12, 2014 at 4:23 AM, lalit jangra < >>>>>>>>>> [email protected]> wrote: >>>>>>>>>> >>>>>>>>>>> Thanks Karl for promptness, >>>>>>>>>>> >>>>>>>>>>> Invoking http:// >>>>>>>>>>> <your_mcf_instance/mcf-authority-service/UserACLs?username= >>>>>>>>>>> [email protected] gives me below ACLs which seem to be fine to >>>>>>>>>>> me. >>>>>>>>>>> >>>>>>>>>>> AUTHORIZED:SharePointAuthConnection >>>>>>>>>>> >>>>>>>>>>> TOKEN:SharepointAuthGroup:Ui%3A0%23.w%7Ciwater.ie%255cljangra >>>>>>>>>>> >>>>>>>>>>> TOKEN:SharepointAuthGroup:Uc%3A0%2B.w%7Cs-1-5-32-545 >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> TOKEN:SharepointAuthGroup:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-15263 >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> TOKEN:SharepointAuthGroup:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-513 >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> TOKEN:SharepointAuthGroup:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-13472 >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> TOKEN:SharepointAuthGroup:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-3182 >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> TOKEN:SharepointAuthGroup:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-1619 >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> TOKEN:SharepointAuthGroup:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-1813 >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> TOKEN:SharepointAuthGroup:Ui%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-12149 >>>>>>>>>>> >>>>>>>>>>> TOKEN:SharepointAuthGroup:Uc%3A0%21.s%7Cwindows >>>>>>>>>>> >>>>>>>>>>> TOKEN:SharepointAuthGroup:Uc%3A0%28.s%7Ctrue >>>>>>>>>>> >>>>>>>>>>> I got it now, the missing part is absence of user tokens in solr >>>>>>>>>>> query as you mentioned. >>>>>>>>>>> >>>>>>>>>>> Please suggest. >>>>>>>>>>> >>>>>>>>>>> Regards. >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> On Tue, Aug 12, 2014 at 12:32 PM, Karl Wright < >>>>>>>>>>> [email protected]> wrote: >>>>>>>>>>> >>>>>>>>>>>> Hi Lalit, >>>>>>>>>>>> >>>>>>>>>>>> The MCF plugin does this: >>>>>>>>>>>> - Looks for the AuthenticatedUserName parameter >>>>>>>>>>>> - Sends the AuthenticatedUserName parameter to ManifoldCF's >>>>>>>>>>>> authority service, and gets back user tokens >>>>>>>>>>>> - Constructs a filter query (fq) expression from the user tokens >>>>>>>>>>>> >>>>>>>>>>>> It's very hard for me to guess which acls come from your >>>>>>>>>>>> SharePoint instance and which come from your Alfresco instance. >>>>>>>>>>>> But this >>>>>>>>>>>> is almost certainly wrong: >>>>>>>>>>>> >>>>>>>>>>>> fq=content_source:SharePoint&version=2&AuthenticatedUserName= >>>>>>>>>>>> [email protected] >>>>>>>>>>>> ... because there are no access tokens whatsoever. >>>>>>>>>>>> >>>>>>>>>>>> This too has no ACLs: >>>>>>>>>>>> fq= >>>>>>>>>>>> content_source:sharepoint+and+authenticatedusername%[email protected] >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> This has access tokens, but they seem to all be from Alfresco: >>>>>>>>>>>> >>>>>>>>>>>> fq=(content_source:Alfresco+AND+alf_acls%253A%2528GROUP_CTXRDP%2BOR%2BGROUP_ECM-Developer-Admins%2BOR%2BGROUP_EVERYONE%2BOR%2BGROUP_ExtendedReaders3e7350e3-ab94-4ecc-87fa-d59ad3deda23%2BOR%2BGROUP_GLS-IW-ADM-ECM-Manifold-Testing%2BOR%2BGROUP_Irish+Water+All+Hands%2BOR%2BGROUP_Jump-Server-Admins%2BOR%2BGROUP_iwaterdesktop%2BOR%2BGROUP_site_LegalServices%2BOR%2BGROUP_site_LegalServices_SiteConsumer%2529)+OR+content_source:SharePoint&AuthenticatedUserName= >>>>>>>>>>>> [email protected] >>>>>>>>>>>> >>>>>>>>>>>> So frankly I see no evidence that you are including any >>>>>>>>>>>> SharePoint access tokens in your query at all. Could you do the >>>>>>>>>>>> following: >>>>>>>>>>>> >>>>>>>>>>>> curl "http:// >>>>>>>>>>>> <your_mcf_instance/mcf-authority-service/UserACLs?username= >>>>>>>>>>>> [email protected]" >>>>>>>>>>>> >>>>>>>>>>>> ... and send me what you get back? If that looks good, I >>>>>>>>>>>> suggest that you are probably overwriting the mcf plugin's fq >>>>>>>>>>>> entirely, and >>>>>>>>>>>> not including it in your expression. >>>>>>>>>>>> >>>>>>>>>>>> Thanks, >>>>>>>>>>>> Karl >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> On Tue, Aug 12, 2014 at 2:38 AM, lalit jangra < >>>>>>>>>>>> [email protected]> wrote: >>>>>>>>>>>> >>>>>>>>>>>>> Thanks Karl, >>>>>>>>>>>>> >>>>>>>>>>>>> I am working with filter queries here and initially i tried to >>>>>>>>>>>>> put filter queries as below but it did not work and i got only >>>>>>>>>>>>> alfresco >>>>>>>>>>>>> content. >>>>>>>>>>>>> >>>>>>>>>>>>> (alfresco_expression AND is_alfresco) OR >>>>>>>>>>>>> (sharepoint_expression AND is_sharepoint) >>>>>>>>>>>>> >>>>>>>>>>>>> Here is query from solr logs for same. >>>>>>>>>>>>> >>>>>>>>>>>>> 588159410 [http-bio-8080-exec-330] INFO >>>>>>>>>>>>> org.apache.solr.mcf.ManifoldCFQParserPlugin ? Default no-user >>>>>>>>>>>>> response >>>>>>>>>>>>> (open documents only) >>>>>>>>>>>>> >>>>>>>>>>>>> 588547075 [http-bio-8080-exec-260] INFO >>>>>>>>>>>>> org.apache.solr.core.SolrCore ? [collection1] webapp=/solr >>>>>>>>>>>>> path=/select >>>>>>>>>>>>> params={q=*:*&fq=(content_source:Alfresco+AND+alf_acls%253A%2528GROUP_CTXRDP%2BOR%2BGROUP_ECM-Developer-Admins%2BOR%2BGROUP_EVERYONE%2BOR%2BGROUP_ExtendedReaders3e7350e3-ab94-4ecc-87fa-d59ad3deda23%2BOR%2BGROUP_GLS-IW-ADM-ECM-Manifold-Testing%2BOR%2BGROUP_Irish+Water+All+Hands%2BOR%2BGROUP_Jump-Server-Admins%2BOR%2BGROUP_iwaterdesktop%2BOR%2BGROUP_site_LegalServices%2BOR%2BGROUP_site_LegalServices_SiteConsumer%2529)+OR+( >>>>>>>>>>>>> content_source:sharepoint+and+authenticatedusername%[email protected])} >>>>>>>>>>>>> hits=4404 status=0 QTime=96 >>>>>>>>>>>>> >>>>>>>>>>>>> Here i get only 4404 results which i get if i select only >>>>>>>>>>>>> alfresco as source without selecting sharepoint. >>>>>>>>>>>>> >>>>>>>>>>>>> 588159410 [http-bio-8080-exec-330] INFO >>>>>>>>>>>>> org.apache.solr.mcf.ManifoldCFQParserPlugin ? Default no-user >>>>>>>>>>>>> response >>>>>>>>>>>>> (open documents only) >>>>>>>>>>>>> >>>>>>>>>>>>> 588159479 [http-bio-8080-exec-330] INFO >>>>>>>>>>>>> org.apache.solr.core.SolrCore ? [collection1] webapp=/solr >>>>>>>>>>>>> path=/select >>>>>>>>>>>>> params={q=*:*&fq=(content_source:Alfresco+AND+alf_acls%253A%2528GROUP_CTXRDP%2BOR%2BGROUP_ECM-Developer-Admins%2BOR%2BGROUP_EVERYONE%2BOR%2BGROUP_ExtendedReaders3e7350e3-ab94-4ecc-87fa-d59ad3deda23%2BOR%2BGROUP_GLS-IW-ADM-ECM-Manifold-Testing%2BOR%2BGROUP_Irish+Water+All+Hands%2BOR%2BGROUP_Jump-Server-Admins%2BOR%2BGROUP_iwaterdesktop%2BOR%2BGROUP_site_LegalServices%2BOR%2BGROUP_site_LegalServices_SiteConsumer%2529)+OR+( >>>>>>>>>>>>> content_source:sharepoint+and+uthenticatedusername%[email protected])} >>>>>>>>>>>>> hits=4404 status=0 QTime=70 >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> Then i moved to below structure where i need to pass >>>>>>>>>>>>> sharepoint_expression as raw query parameters for filter queries. >>>>>>>>>>>>> >>>>>>>>>>>>> (alfresco_expression) OR (is_sharepoint) & >>>>>>>>>>>>> sharepoint_expression >>>>>>>>>>>>> >>>>>>>>>>>>> This way i got results from both alfresco and sharepoint. Here >>>>>>>>>>>>> i get 5425 results including alfresco as well as sharepoint. >>>>>>>>>>>>> >>>>>>>>>>>>> 588799237 [http-bio-8080-exec-331] INFO >>>>>>>>>>>>> org.apache.solr.mcf.ManifoldCFQParserPlugin ? Trying to match >>>>>>>>>>>>> docs for >>>>>>>>>>>>> user '[:[email protected]]' >>>>>>>>>>>>> >>>>>>>>>>>>> 588799238 [http-bio-8080-exec-331] INFO >>>>>>>>>>>>> org.apache.http.impl.client.DefaultHttpClient ? I/O exception >>>>>>>>>>>>> (org.apache.http.NoHttpResponseException) caught when processing >>>>>>>>>>>>> request: >>>>>>>>>>>>> The target server failed to respond >>>>>>>>>>>>> >>>>>>>>>>>>> 588799239 [http-bio-8080-exec-331] INFO >>>>>>>>>>>>> org.apache.http.impl.client.DefaultHttpClient ? Retrying request >>>>>>>>>>>>> >>>>>>>>>>>>> 588799330 [http-bio-8080-exec-331] INFO >>>>>>>>>>>>> org.apache.solr.mcf.ManifoldCFQParserPlugin ? Saw authority >>>>>>>>>>>>> response >>>>>>>>>>>>> AUTHORIZED:SharePointAuthConnection >>>>>>>>>>>>> >>>>>>>>>>>>> 588799338 [http-bio-8080-exec-331] INFO >>>>>>>>>>>>> org.apache.solr.core.SolrCore ? [collection1] webapp=/solr >>>>>>>>>>>>> path=/select >>>>>>>>>>>>> params={q=*:*&fq=(content_source:Alfresco+AND+alf_acls%253A%2528GROUP_CTXRDP%2BOR%2BGROUP_ECM-Developer-Admins%2BOR%2BGROUP_EVERYONE%2BOR%2BGROUP_ExtendedReaders3e7350e3-ab94-4ecc-87fa-d59ad3deda23%2BOR%2BGROUP_GLS-IW-ADM-ECM-Manifold-Testing%2BOR%2BGROUP_Irish+Water+All+Hands%2BOR%2BGROUP_Jump-Server-Admins%2BOR%2BGROUP_iwaterdesktop%2BOR%2BGROUP_site_LegalServices%2BOR%2BGROUP_site_LegalServices_SiteConsumer%2529)+OR+content_source:SharePoint&AuthenticatedUserName= >>>>>>>>>>>>> [email protected]} hits=5245 status=0 QTime=103 >>>>>>>>>>>>> >>>>>>>>>>>>> Also for sharepoint only queries, if i try filter queries as >>>>>>>>>>>>> below, i got no results. >>>>>>>>>>>>> >>>>>>>>>>>>> (sharepoint_expression AND is_sharepoint) >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> 587320867 [http-bio-8080-exec-325] INFO >>>>>>>>>>>>> org.apache.solr.mcf.ManifoldCFQParserPlugin ? Trying to match >>>>>>>>>>>>> docs for >>>>>>>>>>>>> user '[:[email protected]]' >>>>>>>>>>>>> >>>>>>>>>>>>> 587320868 [http-bio-8080-exec-325] INFO >>>>>>>>>>>>> org.apache.http.impl.client.DefaultHttpClient ? I/O exception >>>>>>>>>>>>> (org.apache.http.NoHttpResponseException) caught when processing >>>>>>>>>>>>> request: >>>>>>>>>>>>> The target server failed to respond >>>>>>>>>>>>> >>>>>>>>>>>>> 587320869 [http-bio-8080-exec-325] INFO >>>>>>>>>>>>> org.apache.http.impl.client.DefaultHttpClient ? Retrying request >>>>>>>>>>>>> >>>>>>>>>>>>> 587324291 [http-bio-8080-exec-325] INFO >>>>>>>>>>>>> org.apache.solr.mcf.ManifoldCFQParserPlugin ? Saw authority >>>>>>>>>>>>> response >>>>>>>>>>>>> AUTHORIZED:SharePointAuthConnection >>>>>>>>>>>>> >>>>>>>>>>>>> 587324292 [http-bio-8080-exec-325] INFO >>>>>>>>>>>>> org.apache.solr.core.SolrCore ? [collection1] webapp=/solr >>>>>>>>>>>>> path=/select >>>>>>>>>>>>> params={indent=true&q=*:*&_=1407823092895&wt=json&fq= >>>>>>>>>>>>> content_source:sharepoint+and+authenticatedusername%[email protected] >>>>>>>>>>>>> &[email protected]} hits=0 status=0 >>>>>>>>>>>>> QTime=3426 >>>>>>>>>>>>> >>>>>>>>>>>>> 587338061 [http-bio-8080-exec-325] INFO >>>>>>>>>>>>> org.apache.solr.mcf.ManifoldCFQParserPlugin ? Default no-user >>>>>>>>>>>>> response >>>>>>>>>>>>> (open documents only) >>>>>>>>>>>>> >>>>>>>>>>>>> 587338061 [http-bio-8080-exec-325] INFO >>>>>>>>>>>>> org.apache.solr.core.SolrCore ? [collection1] webapp=/solr >>>>>>>>>>>>> path=/select >>>>>>>>>>>>> params={indent=true&q=*:*&_=1407823109996&wt=json&fq= >>>>>>>>>>>>> content_source:sharepoint+and+authenticatedusername%[email protected]} >>>>>>>>>>>>> hits=0 status=0 QTime=1 >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> But if i use sharepoint_expression as below , get results for >>>>>>>>>>>>> sahrepoint only. >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> fq=content_source:SharePoint&version=2&AuthenticatedUserName= >>>>>>>>>>>>> [email protected] >>>>>>>>>>>>> >>>>>>>>>>>>> 589523637 [http-bio-8080-exec-260] INFO >>>>>>>>>>>>> org.apache.solr.mcf.ManifoldCFQParserPlugin ? Trying to match >>>>>>>>>>>>> docs for >>>>>>>>>>>>> user '[:[email protected]]' >>>>>>>>>>>>> >>>>>>>>>>>>> 589523639 [http-bio-8080-exec-260] INFO >>>>>>>>>>>>> org.apache.http.impl.client.DefaultHttpClient ? I/O exception >>>>>>>>>>>>> (org.apache.http.NoHttpResponseException) caught when processing >>>>>>>>>>>>> request: >>>>>>>>>>>>> The target server failed to respond >>>>>>>>>>>>> >>>>>>>>>>>>> 589523639 [http-bio-8080-exec-260] INFO >>>>>>>>>>>>> org.apache.http.impl.client.DefaultHttpClient ? Retrying request >>>>>>>>>>>>> >>>>>>>>>>>>> 589523698 [http-bio-8080-exec-260] INFO >>>>>>>>>>>>> org.apache.solr.mcf.ManifoldCFQParserPlugin ? Saw authority >>>>>>>>>>>>> response >>>>>>>>>>>>> AUTHORIZED:SharePointAuthConnection >>>>>>>>>>>>> >>>>>>>>>>>>> 589523699 [http-bio-8080-exec-260] INFO >>>>>>>>>>>>> org.apache.solr.core.SolrCore ? [collection1] webapp=/solr >>>>>>>>>>>>> path=/select >>>>>>>>>>>>> params={sort=score+desc&df=text&q="lalit"&q.op=OR&wt=javabin&qt=/select&fq=content_source:SharePoint&version=2&AuthenticatedUserName= >>>>>>>>>>>>> [email protected]} hits=35 status=0 QTime=62 >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> What i assume is whatever is passed with AuthenticatedUserName >>>>>>>>>>>>> variable, it is compared with stored ACLs in index and >>>>>>>>>>>>> accordingly results >>>>>>>>>>>>> are displayed. >>>>>>>>>>>>> >>>>>>>>>>>>> Please suggest. >>>>>>>>>>>>> >>>>>>>>>>>>> regards. >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> On Mon, Aug 11, 2014 at 10:59 PM, Karl Wright < >>>>>>>>>>>>> [email protected]> wrote: >>>>>>>>>>>>> >>>>>>>>>>>>>> Hi Lalit, >>>>>>>>>>>>>> >>>>>>>>>>>>>> First, if both Alfresco and SharePoint documents are indexed >>>>>>>>>>>>>> with the same MCF instance, then you do >>>>>>>>>>>>>> not need to play games like this. You only need the one >>>>>>>>>>>>>> query that the MCF solr plugin generates. >>>>>>>>>>>>>> >>>>>>>>>>>>>> If that's not the case, then what you want are two separate >>>>>>>>>>>>>> clauses where one matches Alfresco documents and one clause that >>>>>>>>>>>>>> matches >>>>>>>>>>>>>> SharePoint documents. The expression therefore would look like >>>>>>>>>>>>>> this: >>>>>>>>>>>>>> >>>>>>>>>>>>>> (alfresco_expression AND is_alfresco) OR >>>>>>>>>>>>>> (sharepoint_expression AND is_sharepoint) >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> It cannot look like this and work: >>>>>>>>>>>>>> >>>>>>>>>>>>>> (alfresco_expression OR sharepoint_expression) OR >>>>>>>>>>>>>> is_sharepoint >>>>>>>>>>>>>> >>>>>>>>>>>>>> That is nonsensical. >>>>>>>>>>>>>> Karl >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> On Mon, Aug 11, 2014 at 1:22 PM, lalit jangra < >>>>>>>>>>>>>> [email protected]> wrote: >>>>>>>>>>>>>> >>>>>>>>>>>>>>> Thanks Karl, >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> In this query i am searching for results in both alfresco >>>>>>>>>>>>>>> and SharePoint. So before OR i am checking for alfresco ACLs >>>>>>>>>>>>>>> and post OR i >>>>>>>>>>>>>>> am checking for SharePoint ACLs by supplying >>>>>>>>>>>>>>> authenticatedusername .Hence >>>>>>>>>>>>>>> OR facilitates here for both options. >>>>>>>>>>>>>>> On Aug 11, 2014 10:44 PM, "Karl Wright" <[email protected]> >>>>>>>>>>>>>>> wrote: >>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> Hi Lalit, >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> Have a look at this query: >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> 522471481 [http-bio-8080-exec-238] INFO >>>>>>>>>>>>>>>> org.apache.solr.core.SolrCore ? [collection1] webapp=/solr >>>>>>>>>>>>>>>> path=/select >>>>>>>>>>>>>>>> params={sort=score+desc&df=text&q="blue"&q.op=OR&wt=javabin&qt=/select&fq=(content_source:Alfresco+AND+alf_acls%253A%2528GROUP_CTXRDP%2BOR%2BGROUP_ECM-Developer-Admins%2BOR%2BGROUP_EMAIL_CONTRIBUTORS%2BOR%2BGROUP_EVERYONE%2BOR%2BGROUP_ExtendedReaders3e7350e3-ab94-4ecc-87fa-d59ad3deda23%2BOR%2BGROUP_ExtendedWriters3e7350e3-ab94-4ecc-87fa-d59ad3deda23%2BOR%2BGROUP_GLS-IW-CTX-IWDesktop%2BOR%2BGROUP_GLS-IW-CTX-IWStandardUsers%2BOR%2BGROUP_Irish+Water+All+Hands%2BOR%2BGROUP_Jump-Server-Admins%2BOR%2BGROUP_site_LegalServices%2BOR%2BGROUP_site_LegalServices_SiteManager%2BOR%2BGROUP_site_asset-investment%2BOR%2BGROUP_site_asset-investment_SiteManager%2BOR%2BGROUP_site_asset-management%2BOR%2BGROUP_site_asset-management_SiteConsumer%2BOR%2BGROUP_site_asset-programmes%2BOR%2BGROUP_site_asset-programmes_SiteCollaborator%2BOR%2BGROUP_site_asset-programmes_SiteManager%2BOR%2BGROUP_site_asset-strategy%2BOR%2BGROUP_site_asset-strategy_SiteManager%2BOR%2BGROUP_site_capa%2BOR%2BGROUP_site_capa_SiteManager%2BOR%2BGROUP_site_capital-delivery%2BOR%2BGROUP_site_capital-delivery_SiteConsumer%2BOR%2BGROUP_site_communications%2BOR%2BGROUP_site_communications_SiteManager%2BOR%2BGROUP_site_customer-contacts%2BOR%2BGROUP_site_customer-contacts_SiteManager%2BOR%2BGROUP_site_hazcon%2BOR%2BGROUP_site_hazcon_SiteManager%2BOR%2BGROUP_site_human-resources%2BOR%2BGROUP_site_human-resources_SiteCollaborator%2BOR%2BGROUP_site_incident-management%2BOR%2BGROUP_site_incident-management_SiteManager%2BOR%2BGROUP_site_invoices%2BOR%2BGROUP_site_invoices_SiteManager%2BOR%2BGROUP_site_iwcontracts%2BOR%2BGROUP_site_iwcontracts_SiteManager%2BOR%2BGROUP_site_iwproject%2BOR%2BGROUP_site_iwproject_SiteManager%2BOR%2BGROUP_site_iwprojects%2BOR%2BGROUP_site_iwprojects_SiteManager%2BOR%2BGROUP_site_operations-and-maintenance%2BOR%2BGROUP_site_operations-and-maintenance_SiteManager%2BOR%2BGROUP_site_region-connaught-and-ulster%2BOR%2BGROUP_site_region-connaught-and-ulster_SiteCollaborator%2BOR%2BGROUP_site_region-east-and-midlands%2BOR%2BGROUP_site_region-east-and-midlands_SiteCollaborator%2BOR%2BGROUP_site_region-south-la-file-share%2BOR%2BGROUP_site_region-south-la-file-share_SiteCollaborator%2BOR%2BGROUP_site_rm%2BOR%2BGROUP_site_rm_SiteManager%2BOR%2BGROUP_site_site-water-investment-approvals-committee%2BOR%2BGROUP_site_site-water-investment-approvals-committee_SiteCollaborator%2BOR%2BGROUP_site_test-public%2BOR%2BGROUP_site_test-public_SiteManager%2BOR%2BGROUP_site_testing-private%2BOR%2BGROUP_site_testing-private_SiteManager%2529)+OR+content_source:SharePoint&version=2&AuthenticatedUserName= >>>>>>>>>>>>>>>> [email protected]} hits=11 status=0 QTime=10 >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> Note the following at the very end of the fq field: >>>>>>>>>>>>>>>> "+OR+content_source:SharePoint". That will basically disable >>>>>>>>>>>>>>>> the entire >>>>>>>>>>>>>>>> rest of the filter and permit ALL documents through that were >>>>>>>>>>>>>>>> indexed by >>>>>>>>>>>>>>>> SharePoint. It should be "+AND+content_source:SharePoint". >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> Karl >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> On Mon, Aug 11, 2014 at 1:05 PM, lalit jangra < >>>>>>>>>>>>>>>> [email protected]> wrote: >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> Sure Karl, >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> Can you let me know what type of logs you need?I am >>>>>>>>>>>>>>>>> attaching part of solr.log for your reference. >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> Regards. >>>>>>>>>>>>>>>>> On Aug 11, 2014 9:42 PM, "Karl Wright" <[email protected]> >>>>>>>>>>>>>>>>> wrote: >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> Hi Lalit, >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> Are you sure you are using the standard select query >>>>>>>>>>>>>>>>>> handler? In order to convince me, you will need to enable >>>>>>>>>>>>>>>>>> appropriate Solr >>>>>>>>>>>>>>>>>> logging so I can see how a request is processed and whether >>>>>>>>>>>>>>>>>> the MCF solr >>>>>>>>>>>>>>>>>> plugin is being called. >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> Karl >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> On Mon, Aug 11, 2014 at 11:59 AM, lalit jangra < >>>>>>>>>>>>>>>>>> [email protected]> wrote: >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> Thanks Karl, >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> Below are my comments. >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> 1. Your Solr query is in fact not hooked up to use the >>>>>>>>>>>>>>>>>>> appropriate MCF Solr plugin, in which case no security >>>>>>>>>>>>>>>>>>> whatsoever is being >>>>>>>>>>>>>>>>>>> applied. >>>>>>>>>>>>>>>>>>> --- Below is snippet from solrconfig.xml from one of >>>>>>>>>>>>>>>>>>> servers with MCF Solr plugin included and enabled with >>>>>>>>>>>>>>>>>>> /select query >>>>>>>>>>>>>>>>>>> handler which i am using for search. I assume i need not to >>>>>>>>>>>>>>>>>>> provide full >>>>>>>>>>>>>>>>>>> server name for AuthorityServiceBaseURL & instead >>>>>>>>>>>>>>>>>>> localhost will work fine. >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> <!-- ManifoldCF document security enforcement component >>>>>>>>>>>>>>>>>>> --> >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> <queryParser name="manifoldCFSecurity" >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> class="org.apache.solr.mcf.ManifoldCFQParserPlugin"> >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> <str name="AuthorityServiceBaseURL"> >>>>>>>>>>>>>>>>>>> http://localhost:80/mcf-authority-service</str> >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> <int name="ConnectionPoolSize">50</int> >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> </queryParser> >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> <!-- ManifoldCF document security enforcement >>>>>>>>>>>>>>>>>>> component --> >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> <searchComponent name="manifoldCFSecurity" >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> class="org.apache.solr.mcf.ManifoldCFSearchComponent"> >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> <str name="AuthorityServiceBaseURL"> >>>>>>>>>>>>>>>>>>> http://localhost:80/mcf-authority-service</str> >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> <int name="ConnectionPoolSize">50</int> >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> </searchComponent> >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> <requestHandler name="/select" >>>>>>>>>>>>>>>>>>> class="solr.SearchHandler"> >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> <lst name="defaults"> >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> <str name="echoParams">explicit</str> >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> <int name="rows">10000</int> >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> <str name="df">text</str> >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> </lst> >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> <lst name="appends"> >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> <str >>>>>>>>>>>>>>>>>>> name="fq">{!manifoldCFSecurity}</str> >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> </lst> >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> </requestHandler> >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> Below is one of queries built for same using >>>>>>>>>>>>>>>>>>> AuthenticatedUserName >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> q=%22blue%22&q.op=OR&df=text&qt=%2Fselect&sort=score+desc&fq=content_source%3ASharePoint&AuthenticatedUserName=ljangra% >>>>>>>>>>>>>>>>>>> 40iwater.ie >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> 2. You are supposed to be able to see the documents, but >>>>>>>>>>>>>>>>>>> the URL ManifoldCF is generating does not permit you to log >>>>>>>>>>>>>>>>>>> into SharePoint >>>>>>>>>>>>>>>>>>> for some reason. >>>>>>>>>>>>>>>>>>> -- If i go to the location of the search result, i am >>>>>>>>>>>>>>>>>>> not able to see any document available there for me as per >>>>>>>>>>>>>>>>>>> my permissions. >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> 3. You indexed the documents with security "off", and so >>>>>>>>>>>>>>>>>>> no security information was attached to the documents in >>>>>>>>>>>>>>>>>>> Solr. >>>>>>>>>>>>>>>>>>> --- I have enabled security before starting the job as >>>>>>>>>>>>>>>>>>> below. >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> Please suggest. >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> Regards. >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> On Mon, Aug 11, 2014 at 5:17 PM, Karl Wright < >>>>>>>>>>>>>>>>>>> [email protected]> wrote: >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>> Hi Lalit, >>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>> There are a number of possibilities. You will need to >>>>>>>>>>>>>>>>>>>> do some investigation to figure out which one it is. Here >>>>>>>>>>>>>>>>>>>> are the >>>>>>>>>>>>>>>>>>>> possibilities I see: >>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>> (1) Your Solr query is in fact not hooked up to use the >>>>>>>>>>>>>>>>>>>> appropriate MCF Solr plugin, in which case no security >>>>>>>>>>>>>>>>>>>> whatsoever is being >>>>>>>>>>>>>>>>>>>> applied. >>>>>>>>>>>>>>>>>>>> (2) You are supposed to be able to see the documents, >>>>>>>>>>>>>>>>>>>> but the URL ManifoldCF is generating does not permit you >>>>>>>>>>>>>>>>>>>> to log into >>>>>>>>>>>>>>>>>>>> SharePoint for some reason. >>>>>>>>>>>>>>>>>>>> (3) You indexed the documents with security "off", and >>>>>>>>>>>>>>>>>>>> so no security information was attached to the documents >>>>>>>>>>>>>>>>>>>> in Solr. >>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>> Thanks, >>>>>>>>>>>>>>>>>>>> Karl >>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>> On Mon, Aug 11, 2014 at 7:30 AM, lalit jangra < >>>>>>>>>>>>>>>>>>>> [email protected]> wrote: >>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>> Hi, >>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>> I am using MCF 1.5.1 and crawling SharePoint 2010 list >>>>>>>>>>>>>>>>>>>>> items. I have also placed MCF solr ACL plugin into solr >>>>>>>>>>>>>>>>>>>>> instances and >>>>>>>>>>>>>>>>>>>>> updated solrconfig.xml for same. I created a job to >>>>>>>>>>>>>>>>>>>>> connect to SharePoint >>>>>>>>>>>>>>>>>>>>> and indexed list items in solr. >>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>> Next i am searching for content items from index and >>>>>>>>>>>>>>>>>>>>> what i could see is that i am able to see search results >>>>>>>>>>>>>>>>>>>>> for content on >>>>>>>>>>>>>>>>>>>>> which i do not have any access. I can see these content >>>>>>>>>>>>>>>>>>>>> into search results >>>>>>>>>>>>>>>>>>>>> but when i am trying to aceess these content , i can >>>>>>>>>>>>>>>>>>>>> getting SharePoint >>>>>>>>>>>>>>>>>>>>> access denied error. Ideally if a user has no access to a >>>>>>>>>>>>>>>>>>>>> content, he >>>>>>>>>>>>>>>>>>>>> should not be see these content. >>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>> Am i missing anything here? >>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>> Regards, >>>>>>>>>>>>>>>>>>>>> Lalit. >>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>>>>>> Regards, >>>>>>>>>>>>>>>>>>> Lalit. >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> -- >>>>>>>>>>>>> Regards, >>>>>>>>>>>>> Lalit. >>>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> -- >>>>>>>>>>> Regards, >>>>>>>>>>> Lalit. >>>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> -- >>>>>>>>> Regards, >>>>>>>>> Lalit. >>>>>>>>> >>>>>>>> >>>>>>>> >>>>>>> >>>>>>> >>>>>>> -- >>>>>>> Regards, >>>>>>> Lalit. >>>>>>> >>>>>> >>>>>> >>>>> >>>> >>>> >>>> -- >>>> Regards, >>>> Lalit. >>>> >>> >>> >> > > > -- > Regards, > Lalit. > -- Regards, Lalit.
