You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@manifoldcf.apache.org by yuvaraj ponnuswamy <yu...@yahoo.co.in> on 2014/05/23 15:11:02 UTC

ManifoldCF Security Feature

Hi Karl,

I have been using the Share Point for the Repository Connector and the Solr for the output connector.Also, i have created some douments with my user id in the share point repository.
I have configured the Job and while running, it is indexing the documents from the share point into the solr.

I just want to understand how the security will work when we search the documents from Solr.

Do we need to pass the user id or group while searching in Solr.

Also i like to understand, how the documetns are retrived and displayed for the user for which he has access and how the other documnts are not displayed/restricted for him for which he dont have access.

If i see the solr console i am getting the access tokens as deny_token_document=DEAD_AUTHORITY and  literal.allow_token_document=GDev%2BMembers

what does the above mean.

Please let me know your inputs on the same.

 
Solr Console Log:
INFO: [mbartists] webapp=/solr path=/update/extract params={literal.GUID={4C6AD75C-968D-4185-AD25-72
2A55EA4892}&literal.deny_token_document=DEAD_AUTHORITY&literal.id=http://rrspf03:4444/MyTest/items1.
docx&resource.name=items1.docx&literal.allow_token_document=GDev%2BOwners&literal.allow_token_docume
nt=GDev%2BMembers&literal.allow_token_document=GDev%2BVisitors&wt=xml&version=2.2} status=0 QTime=55
3
May 23, 2014 7:25:52 AM org.apache.solr.core.SolrCore execute
INFO: [mbartists] webapp=/solr path=/update/extract params={literal.GUID={8B8EA058-340E-41DE-94D7-D1
5768D87238}&literal.deny_token_document=DEAD_AUTHORITY&literal.id=http://rrspf03:4444/MyTest/new.doc
x&resource.name=new.docx&literal.allow_token_document=GDev%2BOwners&literal.allow_token_document=GDe
v%2BMembers&literal.allow_token_document=GDev%2BVisitors&wt=xml&version=2.2} status=0 QTime=553
May 23, 2014 7:25:52 AM org.apache.solr.update.processor.LogUpdateProcessor finish
INFO: {add=[http://rrspf03:4444/MyTest/new1.docx]} 0 148
May 23, 2014 7:25:52 AM org.apache.solr.core.SolrCore execute
INFO: [mbartists] webapp=/solr path=/update/extract params={literal.GUID={D361BC3A-929A-48FD-9CF8-3D
8643517BFB}&literal.deny_token_document=DEAD_AUTHORITY&literal.id=http://rrspf03:4444/MyTest/new1.do
cx&resource.name=new1.docx&literal.allow_token_document=GDev%2BOwners&literal.allow_token_document=G
Dev%2BMembers&literal.allow_token_document=GDev%2BVisitors&wt=xml&version=2.2} status=0 QTime=148
May 23, 2014 7:26:04 AM org.apache.solr.update.DirectUpdateHandler2 commit
INFO: start commit(optimize=false,waitFlush=false,waitSearcher=true,expungeDeletes=false)
May 23, 2014 7:26:04 AM org.apache.solr.core.SolrDeletionPolicy onCommit
INFO: SolrDeletionPolicy.onCommit: commits:num=2


Thanks
P.Yuvaraj Kumar

Re: ManifoldCF Security Feature

Posted by Karl Wright <da...@gmail.com>.

I think you should read Chapter 4 of ManifoldCF in Action:

http://manifoldcfinaction.googlecode.com/svn/trunk/pdfs

Karl



On Fri, May 23, 2014 at 9:11 AM, yuvaraj ponnuswamy
<yu...@yahoo.co.in>wrote:

>  Hi Karl,
>
> I have been using the Share Point for the Repository Connector and the
> Solr for the output connector.Also, i have created some douments with my
> user id in the share point repository.
> I have configured the Job and while running, it is indexing the documents
> from the share point into the solr.
>
> I just want to understand how the security will work when we search the
> documents from Solr.
> Do we need to pass the user id or group while searching in Solr.
>
> Also i like to understand, how the documetns are retrived and displayed
> for the user for which he has access and how the other documnts are not
> displayed/restricted for him for which he dont have access.
>
> If i see the solr console i am getting the access tokens as
> deny_token_document=DEAD_AUTHORITY and
> literal.allow_token_document=GDev%2BMembers
>
> what does the above mean.
>
> Please let me know your inputs on the same.
>
>
>
> *Solr Console Log:*INFO: [mbartists] webapp=/solr path=/update/extract
> params={literal.GUID={4C6AD75C-968D-4185-AD25-72
> 2A55EA4892}&literal.deny_token_document=DEAD_AUTHORITY&literal.id=
> http://rrspf03:4444/MyTest/items1.
> docx&resource.name
> =items1.docx&literal.allow_token_document=GDev%2BOwners&literal.allow_token_docume
> nt=GDev%2BMembers&literal.allow_token_document=GDev%2BVisitors&wt=xml&version=2.2}
> status=0 QTime=55
> 3
> May 23, 2014 7:25:52 AM org.apache.solr.core.SolrCore execute
> INFO: [mbartists] webapp=/solr path=/update/extract
> params={literal.GUID={8B8EA058-340E-41DE-94D7-D1
> 5768D87238}&literal.deny_token_document=DEAD_AUTHORITY&literal.id=
> http://rrspf03:4444/MyTest/new.doc
> x&resource.name
> =new.docx&literal.allow_token_document=GDev%2BOwners&literal.allow_token_document=GDe
> v%2BMembers&literal.allow_token_document=GDev%2BVisitors&wt=xml&version=2.2}
> status=0 QTime=553
> May 23, 2014 7:25:52 AM
> org.apache.solr.update.processor.LogUpdateProcessor finish
> INFO: {add=[http://rrspf03:4444/MyTest/new1.docx]} 0 148
> May 23, 2014 7:25:52 AM org.apache.solr.core.SolrCore execute
> INFO: [mbartists] webapp=/solr path=/update/extract
> params={literal.GUID={D361BC3A-929A-48FD-9CF8-3D
> 8643517BFB}&literal.deny_token_document=DEAD_AUTHORITY&literal.id=
> http://rrspf03:4444/MyTest/new1.do
> cx&resource.name
> =new1.docx&literal.allow_token_document=GDev%2BOwners&literal.allow_token_document=G
> Dev%2BMembers&literal.allow_token_document=GDev%2BVisitors&wt=xml&version=2.2}
> status=0 QTime=148
> May 23, 2014 7:26:04 AM org.apache.solr.update.DirectUpdateHandler2 commit
> INFO: start
> commit(optimize=false,waitFlush=false,waitSearcher=true,expungeDeletes=false)
> May 23, 2014 7:26:04 AM org.apache.solr.core.SolrDeletionPolicy onCommit
> INFO: SolrDeletionPolicy.onCommit: commits:num=2
>
>
> Thanks
> P.Yuvaraj Kumar
>