lucene-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Volodymyr Bychkoviak <>
Subject Re: Implementing security in search
Date Tue, 29 Mar 2005 15:08:20 GMT
maybe it is not the best solution, but

you can form restriction clause like (+allowedRole1 +allowedRole2 
+allowedRole2 -forbiddenRole1 -forbiddenRole2 ... -forbiddenRoleN)

where (forbiddenRole1 ... forbiddenRoleN)  are all posible roles except 
allowed roles.

Volodymyr Bychkoviak

Carlos Franco Robles wrote:

>Hi! I need to implement security in search. When I'm indexing contents, 
>I set a field with the roles assigned to that particular content. The 
>problem is that a content should be retrieved from a search only if the 
>user has *all* the roles assigned to the indexed content, not just one 
>(in that case it would be easy). So, for example, if a content has the 
>roles Role1, Role2 and Role3, and the user only has Role1 and Role3, the
>content should not be retrieved. The set of roles available to both 
>contents and users is not fixed. So far I haven't seen an easy way to do
>that in Lucene. Any idea?
>Thanks in advance.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message