Return-Path: X-Original-To: apmail-lucene-dev-archive@www.apache.org Delivered-To: apmail-lucene-dev-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 0ACDC7CCE for ; Wed, 21 Sep 2011 01:39:36 +0000 (UTC) Received: (qmail 34208 invoked by uid 500); 21 Sep 2011 01:39:34 -0000 Delivered-To: apmail-lucene-dev-archive@lucene.apache.org Received: (qmail 34164 invoked by uid 500); 21 Sep 2011 01:39:34 -0000 Mailing-List: contact dev-help@lucene.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@lucene.apache.org Delivered-To: mailing list dev@lucene.apache.org Received: (qmail 34157 invoked by uid 99); 21 Sep 2011 01:39:34 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 21 Sep 2011 01:39:34 +0000 X-ASF-Spam-Status: No, hits=-2000.5 required=5.0 tests=ALL_TRUSTED,RP_MATCHES_RCVD X-Spam-Check-By: apache.org Received: from [140.211.11.116] (HELO hel.zones.apache.org) (140.211.11.116) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 21 Sep 2011 01:39:31 +0000 Received: from hel.zones.apache.org (hel.zones.apache.org [140.211.11.116]) by hel.zones.apache.org (Postfix) with ESMTP id 6483FA5955 for ; Wed, 21 Sep 2011 01:39:10 +0000 (UTC) Date: Wed, 21 Sep 2011 01:39:10 +0000 (UTC) From: "Karl Wright (JIRA)" To: dev@lucene.apache.org Message-ID: <1767708022.49010.1316569150408.JavaMail.tomcat@hel.zones.apache.org> Subject: [jira] [Issue Comment Edited] (SOLR-1895) ManifoldCF SearchComponent plugin for enforcing ManifoldCF security at search time MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 X-Virus-Checked: Checked by ClamAV on apache.org [ https://issues.apache.org/jira/browse/SOLR-1895?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13109189#comment-13109189 ] Karl Wright edited comment on SOLR-1895 at 9/21/11 1:37 AM: ------------------------------------------------------------ bq. So I think this boils down to MCF having a custom query parser in it's codebase (yes, it'll have to depend on Solr, but it already does in terms of being able to index into Solr). There's currently no such dependency, but it looks like there will be shortly. (Indexing is handled via http, so there are no Solr requirements there.) bq. Any holes in doing it this way? Seems the cleanest/slickest way to me currently. Can you give me an example of multiple filter queries being used? For example, suppose an fq argument comes into the Search Handler - how does the "appends" do the right thing? I'd like this to be transparent to other query parsers that may be in use, so I want to verify that there will be no impact in silently adding another one to the chain. was (Author: kwright@metacarta.com): bq. So I think this boils down to MCF having a custom query parser in it's codebase (yes, it'll have to depend on Solr, but it already does in terms of being able to index into Solr). There's currently no such dependency, but it looks like there will be shortly. (Indexing is handled via http, so there is no Solr requirements here.) bq. Any holes in doing it this way? Seems the cleanest/slickest way to me currently. Can you give me an example of multiple filter queries being used? For example, suppose an fq argument comes into the Search Handler - how does the "appends" do the right thing? I'd like this to be transparent to other query parsers that may be in use, so I want to verify that there will be no impact in silently adding another one to the chain. > ManifoldCF SearchComponent plugin for enforcing ManifoldCF security at search time > ---------------------------------------------------------------------------------- > > Key: SOLR-1895 > URL: https://issues.apache.org/jira/browse/SOLR-1895 > Project: Solr > Issue Type: New Feature > Components: SearchComponents - other > Reporter: Karl Wright > Labels: document, security, solr > Fix For: 3.5, 4.0 > > Attachments: LCFSecurityFilter.java, LCFSecurityFilter.java, LCFSecurityFilter.java, LCFSecurityFilter.java, SOLR-1895-service-plugin.patch, SOLR-1895-service-plugin.patch, SOLR-1895.patch, SOLR-1895.patch, SOLR-1895.patch, SOLR-1895.patch, SOLR-1895.patch, SOLR-1895.patch > > > I've written an LCF SearchComponent which filters returned results based on access tokens provided by LCF's authority service. The component requires you to configure the appropriate authority service URL base, e.g.: > > > http://localhost:8080/lcf-authority-service > > Also required are the following schema.xml additions: > > > > > > Finally, to tie it into the standard request handler, it seems to need to run last: > > > lcfSecurity > > ... > I have not set a package for this code. Nor have I been able to get it reviewed by someone as conversant with Solr as I would prefer. It is my hope, however, that this module will become part of the standard Solr 1.5 suite of search components, since that would tie it in with LCF nicely. -- This message is automatically generated by JIRA. For more information on JIRA, see: http://www.atlassian.com/software/jira --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscribe@lucene.apache.org For additional commands, e-mail: dev-help@lucene.apache.org