You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@manifoldcf.apache.org by Shinichiro Abe <sh...@gmail.com> on 2012/01/10 05:12:43 UTC

required attribute of solr-integration security fields

Hi.

README[1] of solr-integration says that you will need to add security fields, 
and specify required="false".
I should specify required="true" because MCF connectors always return any tokens 
and we can't search anything if these fields have no tokens
(that is, null and these fields don't even have "__nosecurity__" that stands for no security token.) 
when using MCF security plugin.
May I open JIRA ticket for modifying README? Is there a reason that should be required="false"?

[1]https://svn.apache.org/repos/asf/incubator/lcf/trunk/connectors/solr/integration/README-3.x.txt

Regards,
Shinichiro Abe

Re: required attribute of solr-integration security fields

Posted by Karl Wright <da...@gmail.com>.

"I might as well clearly specify the necessity of field value by using
required="true".
What do you think?"

If you do that, the Solr Connector will cease to work.  Try it if you
do not believe me.  The current contract is that the connector sends
in tokens of each type to Solr, and will send zero tokens if it has
none.  In that case, if you set "required=true" Solr will reject the
document with an error.

Karl


On Tue, Jan 10, 2012 at 7:43 PM, Shinichiro Abe
<sh...@gmail.com> wrote:
> Hi,
>> So without default value, the solr 3.x and solr 4.x components do not work.
> Okay, I know we must have default value.
> Then do we need to have required attribute itself?
> I don't mind having required attribute or not though(because we have default value),
> I might as well clearly specify the necessity of field value by using required="true".
> What do you think?
>
> Thank you,
> Shinichiro Abe
>
> On 2012/01/10, at 20:17, Karl Wright wrote:
>
>> required="true" affects the update handler, though, and ManifoldCF
>> does not send "__nosecurity__" as a value; it expects Solr to add it.
>>
>> So without default value, the solr 3.x and solr 4.x components do not work.
>>
>> ManifoldCF in Action has its own example, which doesn't use
>> __nosecurity__, but is slower.  The book is now out of date, though,
>> in this regard.  You should not mix schema.xml from the book with code
>> from the ManifoldCF tree.
>>
>> Karl
>>
>> On Tue, Jan 10, 2012 at 3:44 AM, Shinichiro Abe
>> <sh...@gmail.com> wrote:
>>>> The tests for the components
>>>> would not pass if "required" was true
>>> I run "ant test" for the components and passed when adding required="true".
>>> If someone will forget to set default value of "__nosecurity__",  required="true"  is effective.
>>> In fact I forgot to add default value, so I couldn't search anything.
>>> For, I used security fields described in ManifoldCF in Action which don't have default attribute.
>>> So I think setting required="true"  is helpful.
>>>
>>> Regards,
>>> Shinichiro Abe
>>>
>>> On 2012/01/10, at 15:47, Karl Wright wrote:
>>>
>>>> The fields should be required="false" but with a default value of
>>>> "__nosecurity__".  I believe that means that if there is no field
>>>> value attached to the document when it is sent to Solr, Solr will make
>>>> sure it has the value "__nosecurity__".  The tests for the components
>>>> would not pass if "required" was true, so I am a little puzzled as to
>>>> why you feel there is a problem here?
>>>>
>>>> Here's what the tests use for schema:
>>>>
>>>>  <!-- MCF Security fields -->
>>>>  <field name="allow_token_document" type="string" indexed="true"
>>>> stored="false" multiValued="true" default="__nosecurity__"/>
>>>>  <field name="deny_token_document" type="string" indexed="true"
>>>> stored="false" multiValued="true" default="__nosecurity__"/>
>>>>  <field name="allow_token_share" type="string" indexed="true"
>>>> stored="false" multiValued="true" default="__nosecurity__"/>
>>>>  <field name="deny_token_share" type="string" indexed="true"
>>>> stored="false" multiValued="true" default="__nosecurity__"/>
>>>>
>>>> Here's how the test documents are added:
>>>>
>>>>    assertU(adoc("id", "da12", "allow_token_document", "token1",
>>>> "allow_token_document", "token2"));
>>>>    assertU(adoc("id", "da13-dd3", "allow_token_document", "token1",
>>>> "allow_token_document", "token3", "deny_token_document", "token3"));
>>>>    assertU(adoc("id", "sa123-sd13", "allow_token_share", "token1",
>>>> "allow_token_share", "token2", "allow_token_share", "token3",
>>>> "deny_token_share", "token1", "deny_token_share", "token3"));
>>>>    assertU(adoc("id", "sa3-sd1-da23", "allow_token_document",
>>>> "token2", "allow_token_document", "token3", "allow_token_share",
>>>> "token3", "deny_token_share", "token1"));
>>>>    assertU(adoc("id", "notoken"));
>>>>
>>>> Karl
>>>>
>>>> On Mon, Jan 9, 2012 at 11:12 PM, Shinichiro Abe
>>>> <sh...@gmail.com> wrote:
>>>>> Hi.
>>>>>
>>>>> README[1] of solr-integration says that you will need to add security fields,
>>>>> and specify required="false".
>>>>> I should specify required="true" because MCF connectors always return any tokens
>>>>> and we can't search anything if these fields have no tokens
>>>>> (that is, null and these fields don't even have "__nosecurity__" that stands for no security token.)
>>>>> when using MCF security plugin.
>>>>> May I open JIRA ticket for modifying README? Is there a reason that should be required="false"?
>>>>>
>>>>> [1]https://svn.apache.org/repos/asf/incubator/lcf/trunk/connectors/solr/integration/README-3.x.txt
>>>>>
>>>>> Regards,
>>>>> Shinichiro Abe
>>>
>

Re: required attribute of solr-integration security fields

Posted by Shinichiro Abe <sh...@gmail.com>.

Hi, 
> So without default value, the solr 3.x and solr 4.x components do not work.
Okay, I know we must have default value.
Then do we need to have required attribute itself?
I don't mind having required attribute or not though(because we have default value), 
I might as well clearly specify the necessity of field value by using required="true".
What do you think?
 
Thank you,
Shinichiro Abe

On 2012/01/10, at 20:17, Karl Wright wrote:

> required="true" affects the update handler, though, and ManifoldCF
> does not send "__nosecurity__" as a value; it expects Solr to add it.
> 
> So without default value, the solr 3.x and solr 4.x components do not work.
> 
> ManifoldCF in Action has its own example, which doesn't use
> __nosecurity__, but is slower.  The book is now out of date, though,
> in this regard.  You should not mix schema.xml from the book with code
> from the ManifoldCF tree.
> 
> Karl
> 
> On Tue, Jan 10, 2012 at 3:44 AM, Shinichiro Abe
> <sh...@gmail.com> wrote:
>>> The tests for the components
>>> would not pass if "required" was true
>> I run "ant test" for the components and passed when adding required="true".
>> If someone will forget to set default value of "__nosecurity__",  required="true"  is effective.
>> In fact I forgot to add default value, so I couldn't search anything.
>> For, I used security fields described in ManifoldCF in Action which don't have default attribute.
>> So I think setting required="true"  is helpful.
>> 
>> Regards,
>> Shinichiro Abe
>> 
>> On 2012/01/10, at 15:47, Karl Wright wrote:
>> 
>>> The fields should be required="false" but with a default value of
>>> "__nosecurity__".  I believe that means that if there is no field
>>> value attached to the document when it is sent to Solr, Solr will make
>>> sure it has the value "__nosecurity__".  The tests for the components
>>> would not pass if "required" was true, so I am a little puzzled as to
>>> why you feel there is a problem here?
>>> 
>>> Here's what the tests use for schema:
>>> 
>>>  <!-- MCF Security fields -->
>>>  <field name="allow_token_document" type="string" indexed="true"
>>> stored="false" multiValued="true" default="__nosecurity__"/>
>>>  <field name="deny_token_document" type="string" indexed="true"
>>> stored="false" multiValued="true" default="__nosecurity__"/>
>>>  <field name="allow_token_share" type="string" indexed="true"
>>> stored="false" multiValued="true" default="__nosecurity__"/>
>>>  <field name="deny_token_share" type="string" indexed="true"
>>> stored="false" multiValued="true" default="__nosecurity__"/>
>>> 
>>> Here's how the test documents are added:
>>> 
>>>    assertU(adoc("id", "da12", "allow_token_document", "token1",
>>> "allow_token_document", "token2"));
>>>    assertU(adoc("id", "da13-dd3", "allow_token_document", "token1",
>>> "allow_token_document", "token3", "deny_token_document", "token3"));
>>>    assertU(adoc("id", "sa123-sd13", "allow_token_share", "token1",
>>> "allow_token_share", "token2", "allow_token_share", "token3",
>>> "deny_token_share", "token1", "deny_token_share", "token3"));
>>>    assertU(adoc("id", "sa3-sd1-da23", "allow_token_document",
>>> "token2", "allow_token_document", "token3", "allow_token_share",
>>> "token3", "deny_token_share", "token1"));
>>>    assertU(adoc("id", "notoken"));
>>> 
>>> Karl
>>> 
>>> On Mon, Jan 9, 2012 at 11:12 PM, Shinichiro Abe
>>> <sh...@gmail.com> wrote:
>>>> Hi.
>>>> 
>>>> README[1] of solr-integration says that you will need to add security fields,
>>>> and specify required="false".
>>>> I should specify required="true" because MCF connectors always return any tokens
>>>> and we can't search anything if these fields have no tokens
>>>> (that is, null and these fields don't even have "__nosecurity__" that stands for no security token.)
>>>> when using MCF security plugin.
>>>> May I open JIRA ticket for modifying README? Is there a reason that should be required="false"?
>>>> 
>>>> [1]https://svn.apache.org/repos/asf/incubator/lcf/trunk/connectors/solr/integration/README-3.x.txt
>>>> 
>>>> Regards,
>>>> Shinichiro Abe
>>

Re: required attribute of solr-integration security fields

Posted by Karl Wright <da...@gmail.com>.

required="true" affects the update handler, though, and ManifoldCF
does not send "__nosecurity__" as a value; it expects Solr to add it.

So without default value, the solr 3.x and solr 4.x components do not work.

ManifoldCF in Action has its own example, which doesn't use
__nosecurity__, but is slower.  The book is now out of date, though,
in this regard.  You should not mix schema.xml from the book with code
from the ManifoldCF tree.

Karl

On Tue, Jan 10, 2012 at 3:44 AM, Shinichiro Abe
<sh...@gmail.com> wrote:
>> The tests for the components
>> would not pass if "required" was true
> I run "ant test" for the components and passed when adding required="true".
> If someone will forget to set default value of "__nosecurity__",  required="true"  is effective.
> In fact I forgot to add default value, so I couldn't search anything.
> For, I used security fields described in ManifoldCF in Action which don't have default attribute.
> So I think setting required="true"  is helpful.
>
> Regards,
> Shinichiro Abe
>
> On 2012/01/10, at 15:47, Karl Wright wrote:
>
>> The fields should be required="false" but with a default value of
>> "__nosecurity__".  I believe that means that if there is no field
>> value attached to the document when it is sent to Solr, Solr will make
>> sure it has the value "__nosecurity__".  The tests for the components
>> would not pass if "required" was true, so I am a little puzzled as to
>> why you feel there is a problem here?
>>
>> Here's what the tests use for schema:
>>
>>  <!-- MCF Security fields -->
>>  <field name="allow_token_document" type="string" indexed="true"
>> stored="false" multiValued="true" default="__nosecurity__"/>
>>  <field name="deny_token_document" type="string" indexed="true"
>> stored="false" multiValued="true" default="__nosecurity__"/>
>>  <field name="allow_token_share" type="string" indexed="true"
>> stored="false" multiValued="true" default="__nosecurity__"/>
>>  <field name="deny_token_share" type="string" indexed="true"
>> stored="false" multiValued="true" default="__nosecurity__"/>
>>
>> Here's how the test documents are added:
>>
>>    assertU(adoc("id", "da12", "allow_token_document", "token1",
>> "allow_token_document", "token2"));
>>    assertU(adoc("id", "da13-dd3", "allow_token_document", "token1",
>> "allow_token_document", "token3", "deny_token_document", "token3"));
>>    assertU(adoc("id", "sa123-sd13", "allow_token_share", "token1",
>> "allow_token_share", "token2", "allow_token_share", "token3",
>> "deny_token_share", "token1", "deny_token_share", "token3"));
>>    assertU(adoc("id", "sa3-sd1-da23", "allow_token_document",
>> "token2", "allow_token_document", "token3", "allow_token_share",
>> "token3", "deny_token_share", "token1"));
>>    assertU(adoc("id", "notoken"));
>>
>> Karl
>>
>> On Mon, Jan 9, 2012 at 11:12 PM, Shinichiro Abe
>> <sh...@gmail.com> wrote:
>>> Hi.
>>>
>>> README[1] of solr-integration says that you will need to add security fields,
>>> and specify required="false".
>>> I should specify required="true" because MCF connectors always return any tokens
>>> and we can't search anything if these fields have no tokens
>>> (that is, null and these fields don't even have "__nosecurity__" that stands for no security token.)
>>> when using MCF security plugin.
>>> May I open JIRA ticket for modifying README? Is there a reason that should be required="false"?
>>>
>>> [1]https://svn.apache.org/repos/asf/incubator/lcf/trunk/connectors/solr/integration/README-3.x.txt
>>>
>>> Regards,
>>> Shinichiro Abe
>

Re: required attribute of solr-integration security fields

Posted by Shinichiro Abe <sh...@gmail.com>.

> The tests for the components
> would not pass if "required" was true
I run "ant test" for the components and passed when adding required="true".
If someone will forget to set default value of "__nosecurity__",  required="true"  is effective.
In fact I forgot to add default value, so I couldn't search anything.
For, I used security fields described in ManifoldCF in Action which don't have default attribute.
So I think setting required="true"  is helpful.

Regards,
Shinichiro Abe

On 2012/01/10, at 15:47, Karl Wright wrote:

> The fields should be required="false" but with a default value of
> "__nosecurity__".  I believe that means that if there is no field
> value attached to the document when it is sent to Solr, Solr will make
> sure it has the value "__nosecurity__".  The tests for the components
> would not pass if "required" was true, so I am a little puzzled as to
> why you feel there is a problem here?
> 
> Here's what the tests use for schema:
> 
>  <!-- MCF Security fields -->
>  <field name="allow_token_document" type="string" indexed="true"
> stored="false" multiValued="true" default="__nosecurity__"/>
>  <field name="deny_token_document" type="string" indexed="true"
> stored="false" multiValued="true" default="__nosecurity__"/>
>  <field name="allow_token_share" type="string" indexed="true"
> stored="false" multiValued="true" default="__nosecurity__"/>
>  <field name="deny_token_share" type="string" indexed="true"
> stored="false" multiValued="true" default="__nosecurity__"/>
> 
> Here's how the test documents are added:
> 
>    assertU(adoc("id", "da12", "allow_token_document", "token1",
> "allow_token_document", "token2"));
>    assertU(adoc("id", "da13-dd3", "allow_token_document", "token1",
> "allow_token_document", "token3", "deny_token_document", "token3"));
>    assertU(adoc("id", "sa123-sd13", "allow_token_share", "token1",
> "allow_token_share", "token2", "allow_token_share", "token3",
> "deny_token_share", "token1", "deny_token_share", "token3"));
>    assertU(adoc("id", "sa3-sd1-da23", "allow_token_document",
> "token2", "allow_token_document", "token3", "allow_token_share",
> "token3", "deny_token_share", "token1"));
>    assertU(adoc("id", "notoken"));
> 
> Karl
> 
> On Mon, Jan 9, 2012 at 11:12 PM, Shinichiro Abe
> <sh...@gmail.com> wrote:
>> Hi.
>> 
>> README[1] of solr-integration says that you will need to add security fields,
>> and specify required="false".
>> I should specify required="true" because MCF connectors always return any tokens
>> and we can't search anything if these fields have no tokens
>> (that is, null and these fields don't even have "__nosecurity__" that stands for no security token.)
>> when using MCF security plugin.
>> May I open JIRA ticket for modifying README? Is there a reason that should be required="false"?
>> 
>> [1]https://svn.apache.org/repos/asf/incubator/lcf/trunk/connectors/solr/integration/README-3.x.txt
>> 
>> Regards,
>> Shinichiro Abe

Re: required attribute of solr-integration security fields

Posted by Karl Wright <da...@gmail.com>.

The fields should be required="false" but with a default value of
"__nosecurity__".  I believe that means that if there is no field
value attached to the document when it is sent to Solr, Solr will make
sure it has the value "__nosecurity__".  The tests for the components
would not pass if "required" was true, so I am a little puzzled as to
why you feel there is a problem here?

Here's what the tests use for schema:

  <!-- MCF Security fields -->
  <field name="allow_token_document" type="string" indexed="true"
stored="false" multiValued="true" default="__nosecurity__"/>
  <field name="deny_token_document" type="string" indexed="true"
stored="false" multiValued="true" default="__nosecurity__"/>
  <field name="allow_token_share" type="string" indexed="true"
stored="false" multiValued="true" default="__nosecurity__"/>
  <field name="deny_token_share" type="string" indexed="true"
stored="false" multiValued="true" default="__nosecurity__"/>

Here's how the test documents are added:

    assertU(adoc("id", "da12", "allow_token_document", "token1",
"allow_token_document", "token2"));
    assertU(adoc("id", "da13-dd3", "allow_token_document", "token1",
"allow_token_document", "token3", "deny_token_document", "token3"));
    assertU(adoc("id", "sa123-sd13", "allow_token_share", "token1",
"allow_token_share", "token2", "allow_token_share", "token3",
"deny_token_share", "token1", "deny_token_share", "token3"));
    assertU(adoc("id", "sa3-sd1-da23", "allow_token_document",
"token2", "allow_token_document", "token3", "allow_token_share",
"token3", "deny_token_share", "token1"));
    assertU(adoc("id", "notoken"));

Karl

On Mon, Jan 9, 2012 at 11:12 PM, Shinichiro Abe
<sh...@gmail.com> wrote:
> Hi.
>
> README[1] of solr-integration says that you will need to add security fields,
> and specify required="false".
> I should specify required="true" because MCF connectors always return any tokens
> and we can't search anything if these fields have no tokens
> (that is, null and these fields don't even have "__nosecurity__" that stands for no security token.)
> when using MCF security plugin.
> May I open JIRA ticket for modifying README? Is there a reason that should be required="false"?
>
> [1]https://svn.apache.org/repos/asf/incubator/lcf/trunk/connectors/solr/integration/README-3.x.txt
>
> Regards,
> Shinichiro Abe