lucene-solr-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Erick Erickson <erickerick...@gmail.com>
Subject Re: api key filtering
Date Sat, 22 Jan 2011 21:50:57 GMT
1024 is the default number, it can be increased. See MaxBooleanClauses
in solrconfig.xml

This shouldn't be a problem with 2K clauses, but expanding it to tens of
thousands is probably a mistake (but test to be sure).

Best
Erick

On Sat, Jan 22, 2011 at 3:50 PM, Matt Mitchell <goodieboy@gmail.com> wrote:

> Hey thanks I'll definitely have a read. The only problem with this though,
> is that our api is a thin layer of app-code, with solr only (no db), we
> index data from our sql db into solr, and push the index off for
> consumption.
>
> The only other idea I had was to send a list of the allowed document ids
> along with every solr query, but then I'm sure I'd run into a filter query
> limit. Each key could be associated with up to 2k documents, so that's 2k
> values in an fq which would probably be too many for lucene (I think its
> limit 1024).
>
> Matt
>
> On Sat, Jan 22, 2011 at 3:40 PM, Dennis Gearon <gearond@sbcglobal.net
> >wrote:
>
> > The only way that you would have that many api keys per record, is if one
> > of
> > them represented 'public', right? 'public' is a ROLE. Your answer is to
> use
> > RBAC
> > style techniques.
> >
> >
> > Here are some links that I have on the subject. What I'm thinking of
> doing
> > is:
> > Sorry for formatting, Firefox is freaking out. I cut and pasted these
> from
> > an
> > email from my sent box. I hope the links came out.
> >
> >
> > Part 1
> >
> >
> >
> http://www.xaprb.com/blog/2006/08/16/how-to-build-role-based-access-control-in-sql/
> >
> >
> > Part2
> > Role-based access control in SQL, part 2 at Xaprb
> >
> >
> >
> >
> >
> > ACL/RBAC Bookmarks ALL
> >
> > UserRbac - symfony - Trac
> > A Role-Based Access Control (RBAC) system for PHP
> > Appendix C: Task-Field Access
> > Role-based access control in SQL, part 2 at Xaprb
> > PHP Access Control - PHP5 CMS Framework Development | PHP Zone
> > Linux file and directory permissions
> > MySQL :: MySQL 5.0 Reference Manual :: C.5.4.1 How to Reset the Root
> > Password
> > per RECORD/Entity permissions? - symfony users | Google Groups
> > Special Topics: Authentication and Authorization | The Definitive Guide
> to
> > Yii |
> > Yii Framework
> >
> > att.net Mail (gearond@sbcglobal.net)
> > Solr - User - Modelling Access Control
> > PHP Generic Access Control Lists
> > Row-level Model Access Control for CakePHP « some flot, some jet
> > Row-level Model Access Control for CakePHP « some flot, some jet
> > Yahoo! GeoCities: Get a web site with easy-to-use site building tools.
> > Class that acts as a client to a JSON service : JSON « GWT « Java
> > Juozas Kaziukėnas devBlog
> > Re: [symfony-users] Implementing an existing ACL API in symfony
> > php - CakePHP ACL Database Setup: ARO / ACO structure? - Stack Overflow
> > W3C ACL System
> > makeAclTables.sql
> > SchemaWeb - Classes And Properties - ACL Schema
> > Reardon's Ruminations: Spring Security ACL Schema for Oracle
> > trunk/modules/auth/libraries/Khacl.php | Source/SVN | Assembla
> > Acl.php - kohana-mptt - Project Hosting on Google Code
> > Asynchronous JavaScript Technology and XML (Ajax) With the Java Platform
> > The page cannot be found
> >
> >
> >  Dennis Gearon
> >
> >
> > Signature Warning
> > ----------------
> > It is always a good idea to learn from your own mistakes. It is usually a
> > better
> > idea to learn from others’ mistakes, so you do not have to make them
> > yourself.
> > from 'http://blogs.techrepublic.com.com/security/?p=4501&tag=nl.e036'
> >
> >
> > EARTH has a Right To Life,
> > otherwise we all die.
> >
> >
> >
> > ----- Original Message ----
> > From: Matt Mitchell <goodieboy@gmail.com>
> > To: solr-user@lucene.apache.org
> > Sent: Sat, January 22, 2011 11:48:22 AM
> > Subject: api key filtering
> >
> > Just wanted to see if others are handling this in some special way, but I
> > think this is pretty simple.
> >
> > We have a database of api keys that map to "allowed" db records. I'm
> > planning on indexing the db records into solr, along with their api keys
> in
> > an indexed, non-stored, multi-valued field. Then, to query for docs that
> > belong to a particular api key, they'll be queried using a filter query
> on
> > api_key.
> >
> > The only concern of mine is that, what if we end up with 100k api_keys?
> > Would it be a problem to have 100k non-stored keys in each document? We
> > have
> > about 500k documents total.
> >
> > Matt
> >
> >
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message