lucene-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Daniel Rosher" <rosh...@googlemail.com>
Subject Re: Design Problem: Searching large set of protected documents
Date Tue, 03 Apr 2007 14:33:08 GMT
Hi Jonathon,

Since the number of users in your application is small, perhaps you could
apply a pre-generated filter per user, and apply this to the search, however
this won't scale well if the number of users grow.

Another idea might be to have several filters,each of which detail a
particular type of access rather than a filter / user. Then using the
ChainedFilter chain together these filters, depending on the user, at query
time.

Regards,
Dan

On 4/3/07, Jonathan O'Connor <jonathan.oconnor@xcom.de> wrote:
>
> Hi,
> I have a database of a million documents and about 100 users. The
> documents
> can have an access control list, and there is a complex, recursive
> algorithm to say if a particular user can see a particular document.
>
> My problem is that my search algorithm is to first do a standard lucene
> search for matching documents, and then check security on each one found,
> just returning the allowed documents. However, if I do this, and the
> lucene
> returns 100000 docs, but the user can only see 10 of these, then obviously
> the search is going to take an awful long time.
>
> Has anyone come across this problem before, and if so what approach did
> you
> take? I guess I could precalculate the permissions for every user-document
> pair, but that's alot of storage, and a lot of precalculation!
>
> I await the list's accumulated wisdom with eagerness and interest.
> Thanks,
> Jonathan O'Connor
> XCOM Dublin
>
>
>
> *** XCOM AG Legal Disclaimer ***
>
> Diese E-Mail einschliesslich ihrer Anhaenge ist vertraulich und ist allein
> für den Gebrauch durch den vorgesehenen Empfaenger bestimmt. Dritten ist
> das Lesen, Verteilen oder Weiterleiten dieser E-Mail untersagt. Wir
> bitten,
> eine fehlgeleitete E-Mail unverzueglich vollstaendig zu loeschen und uns
> eine Nachricht zukommen zu lassen.
>
> This email may contain material that is confidential and for the sole use
> of the intended recipient. Any review, distribution by others or
> forwarding
> without express permission is strictly prohibited. If you are not the
> intended recipient, please contact the sender and delete all copies.
>
> Hauptsitz: Bahnstrasse 37, D-47877 Willich, USt-IdNr.: DE 812 885 664
> Kommunikation: Telefon +49 2154 9209-70, Telefax +49 2154 9209-900,
> www.xcom.de
> Handelsregister: Amtsgericht Krefeld, HRB 10340
> Vorstand: Matthias Albrecht, Renate Becker-Grope, Marco Marty, Dr. Rainer
> Fuchs
> Vorsitzender des Aufsichtsrates: Stephan Steuer

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message