manifoldcf-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ahmet Arslan <iori...@yahoo.com>
Subject Re: How to query for content with ACLs?
Date Thu, 12 Jun 2014 23:13:34 GMT
Hi Lalit,

It makes more sense to use appends section rather than defaults section when defining mcf
query parser plugin in fq parameter.

<lst name="appends">
<str name="fq">{!manifoldCFSecurity}</str>
</lst>





On Friday, June 13, 2014 12:51 AM, lalit jangra <lalit.j.jangra@gmail.com> wrote:
 


Hi Ahmet,

I have configured solrconfig.xml as per your suggestion.

 <requestHandler name="/select" class="solr.SearchHandler">
    <!-- default values for query parameters can be specified, these
         will be overridden by parameters in the request
      -->
     <lst name="defaults">
       <str name="echoParams">explicit</str>
       <int name="rows">1000</int>
       <str name="df">text</str>
       <str name="fq">{!manifoldCFSecurity}</str>
     </lst>
....
</requestHandler>


Next i am running a job which indexes sharepoint content in solr but when i am searching in
solr, i am getting not results & getting UNREACHABLEAUTHORITY message.

INFO  - 2014-06-12 22:22:29.944; org.apache.solr.core.SolrDeletionPolicy; SolrDeletionPolicy.onCommit:
commits: num=2
    commit{dir=NRTCachingDirectory(org.apache.lucene.store.MMapDirectory@C:\solr-4.6.0\example\solr\collection1\data\index
lockFactory=org.apache.lucene.store.NativeFSLockFactory@3971846; maxCacheMB=48.0 maxMergeSizeMB=4.0),segFN=segments_1,generation=1}
    commit{dir=NRTCachingDirectory(org.apache.lucene.store.MMapDirectory@C:\solr-4.6.0\example\solr\collection1\data\index
lockFactory=org.apache.lucene.store.NativeFSLockFactory@3971846; maxCacheMB=48.0 maxMergeSizeMB=4.0),segFN=segments_2,generation=2}
INFO  - 2014-06-12 22:22:29.944; org.apache.solr.core.SolrDeletionPolicy; newest commit generation
= 2
INFO  - 2014-06-12 22:22:29.960; org.apache.solr.search.SolrIndexSearcher; Opening Searcher@5ac787b0
main
INFO  - 2014-06-12 22:22:29.975; org.apache.solr.update.DirectUpdateHandler2; end_commit_flush
INFO  - 2014-06-12 22:22:29.975; org.apache.solr.core.QuerySenderListener; QuerySenderListener
sending requests to Searcher@5ac787b0 main{StandardDirectoryReader(segments_2:3:nrt _0(4.6):C10)}
INFO  - 2014-06-12 22:22:29.975; org.apache.solr.core.QuerySenderListener; QuerySenderListener
done.
INFO  - 2014-06-12 22:22:29.975; org.apache.solr.core.SolrCore; [collection1] Registered
new searcher Searcher@5ac787b0 main{StandardDirectoryReader(segments_2:3:nrt _0(4.6):C10)}
INFO  - 2014-06-12 22:22:29.975; org.apache.solr.update.processor.LogUpdateProcessor; [collection1]
webapp=/solr path=/update/extract params={commit=true&wt=xml&version=2.2} {commit=}
0 265
INFO  - 2014-06-12 22:22:35.663; org.apache.solr.servlet.SolrDispatchFilter; [admin] webapp=null
path=/admin/cores params={indexInfo=false&_=1402608155643&wt=json} status=0 QTime=0

INFO  - 2014-06-12 22:22:35.741; org.apache.solr.servlet.SolrDispatchFilter; [admin] webapp=null
path=/admin/info/system params={_=1402608155681&wt=json} status=0 QTime=15 
INFO  - 2014-06-12 22:22:36.960; org.apache.solr.mcf.ManifoldCFQParserPlugin$ManifoldCFQueryParser;
Default no-user response (open documents only)
INFO  - 2014-06-12 22:22:36.976; org.apache.solr.core.SolrCore; [collection1] webapp=/solr
path=/select params={indent=true&q=*:*&_=1402608156947&wt=json} hits=0 status=0
QTime=16 
INFO  - 2014-06-12 22:22:40.569; org.apache.solr.mcf.ManifoldCFQParserPlugin$ManifoldCFQueryParser;
Trying to match docs for user '[:ljangra@water.com]'
INFO  - 2014-06-12 22:22:40.726; org.apache.solr.mcf.ManifoldCFQParserPlugin$ManifoldCFQueryParser;
Saw authority response UNREACHABLEAUTHORITY:SsharepointAuthority
INFO  - 2014-06-12 22:22:40.726; org.apache.solr.core.SolrCore; [collection1] webapp=/solr
path=/select params={indent=true&q=*:*&_=1402608160548&wt=json&AuthenticatedUserName=ljangra@water.com}
hits=0 status=0 QTime=157 

UNREACHABLEAUTHORITY means name of an authority that was found to be unreachable or unusable
but i am having same authority working fine in MCF.


Please help.

Regards.





On Thu, Jun 12, 2014 at 9:26 PM, Ahmet Arslan <iorixxx@yahoo.com> wrote:

Hi Karl,
>
>
>May be we should use  
>
>
> <requestHandler name="/select" class="solr.SearchHandler">
>
>
>
>in https://svn.apache.org/repos/asf/manifoldcf/integration/solr-4.x/trunk/README.txt
>
>
>To avoid confusion?
>
>
>What do you think?
>
>
>
>On Thursday, June 12, 2014 11:12 PM, Karl Wright <daddywri@gmail.com> wrote:
> 
>
>
>What does your solrconfig.xml file look like?
>Karl
>
>
>
>
>On Thu, Jun 12, 2014 at 2:58 PM, lalit jangra <lalit.j.jangra@gmail.com> wrote:
>
>Hi Ahmet,
>>
>>I tried the way you suggested but its not working. My solr query is as below.
>>
>>http://localhost:8983/solr/collection1/select?q=*%3A*&wt=json&indent=true&AuthenticatedUserName=ljangra@domain.entp
>>
>>Whatever name i am passing as AuthenticatedUserName, it returning all results. 
>>
>>I have indexed my documents using mcf-solr plugin using instructions @ https://svn.apache.org/repos/asf/manifoldcf/integration/solr-4.x/trunk/README.txt.
Below are some of ACL stored in solr. Am i missing something?
>>
>>
>>"_version_":
1470562493875093500,
>>       
"allow_token_share": [
>>         
"__nosecurity__"
>>       
],
>>       
"deny_token_share": [
>>         
"__nosecurity__"
>>       
]
>>     
},
>>     
{
>>       
"content_name": "Alfresco-in-an-Hour.pdf"
>>       
"deny_token_document": [
>>         
"SP+Group:DEAD_AUTHORITY"
>>       
],
>>       
"allow_token_document": [
>>         
"SP+Group:GTest+lalit+Portal+Visitors",
>>         
"SP+Group:GTest+lalit+Portal+Owners",
>>         
"SP+Group:GRestricted+Readers",
>>         
"SP+Group:GTest+lalit+Administrators",
>>         
"SP+Group:GTest+lalit+Portal+Members",
>>         
"SP+Group:Uc%3A0%28.s%7Ctrue",
>>         
"SP+Group:GHierarchy+Managers",
>>         
"SP+Group:GApprovers",
>>         
"SP+Group:GViewers",
>>         
"SP+Group:GDesigners"
>>       
],
>>       
"content_modified_date": "2014-06-04T00:00:00Z",
>> 
>> 
>> 
>>               
  SDD
>> 
>> 
>>               
   "_version_": 1470564182244982800
>>     
},
>>     
{
>>       
"deny_token_share": [
>>         
"AD+Group:DEAD_AUTHORITY"
>>       
],
>>       
"content_name": "hekko.txt",
>>       
"content_modifier": "iwater.ie\\ljangra",
>>       
"deny_token_document": [
>>         
"AD+Group:DEAD_AUTHORITY"
>>       
],
>>              
"id": "file://///10.231.82.15/AlfrescoInstallers/manifoldtest/hekko.txt",
>>       
"allow_token_document": [
>>         
"AD+Group:S-1-5-18",
>>         
"AD+Group:S-1-5-21-2630432783-15384281-2988178474-12088",
>>         
"AD+Group:S-1-5-21-2630432783-15384281-2988178474-12147",
>>         
"AD+Group:S-1-5-21-2630432783-15384281-2988178474-12148",
>>         
"AD+Group:S-1-5-21-2630432783-15384281-2988178474-12149",
>>         
"AD+Group:S-1-5-21-2630432783-15384281-2988178474-12150",
>>         
"AD+Group:S-1-5-21-2630432783-15384281-2988178474-12217",
>>         
"AD+Group:S-1-5-21-2630432783-15384281-2988178474-15154",
>>         
"AD+Group:S-1-5-21-2630432783-15384281-2988178474-8005",
>>         
"AD+Group:S-1-5-32-544"
>>       
],
>>       
>>        "allow_token_share":
[
>>         
"AD+Group:S-1-1-0",
>>         
"AD+Group:S-1-5-32-544"
>>       
],
>> 
>> 
>>               
CMIS 
>> 
>>               
"allow_token_share": [
>>         
"__nosecurity__"
>>       
],
>>       
"deny_token_document": [
>>         
"__nosecurity__"
>>       
],
>>       
"deny_token_share": [
>>         
"__nosecurity__"
>>       
],
>>       
"allow_token_document": [
>>         
"__nosecurity__"
>>       
]
>>Regards.
>>
>>
>>
>>
>>
>>
>>On Thu, Jun 12, 2014 at 3:01 PM, Ahmet Arslan <iorixxx@yahoo.com> wrote:
>>
>>Hi,
>>>
>>>
>>>As documented here https://svn.apache.org/repos/asf/manifoldcf/integration/solr-4.x/trunk/README.txt
>>>
>>>
>>>"At a minimum, AuthenticatedUserName must be present in order" 
>>>
>>>
>>>
>>>
>>>This is a URL parameter, just like Solr params. Here is an example.
>>>
>>>
>>>http://localhost:8983/solr/documents/select?q=*%3A*&wt=xml&AuthenticatedUserName=ahmet@g-b.entp&facet=on&facet.field=Content-Type
>>>
>>>
>>>
>>>
>>>On Thursday, June 12, 2014 4:28 PM, lalit jangra <lalit.j.jangra@gmail.com>
wrote:
>>> 
>>>
>>>
>>>Hi All,
>>>
>>>As continuing from http://lucene.472066.n3.nabble.com/How-to-query-for-content-with-ACLs-td4141402.html
as per Ahmet's suggestion.
>>>
>>>I have setup mcf-solr4x-plugin in MCF 1.5.1 and i can see ACLs indexed into solr
indexes. 
>>>
>>>Now i want to write Solr query to put a user's permission details into in it which
can be compared to ACL stored in solr and only those results will be returned to user on which
he has been assigned ACL.
>>>
>>>How can i do this?  Can i use MCF filter  below here or do i need to write custom
query for my need?
>>>
>>><requestHandler name="search" class="solr.SearchHandler" default="true">
>>>  <lst name="appends">
>>>    <str name="fq">{!manifoldCFSecurity}</str>
>>>  </lst>
>>></requestHandler>
>>>
>>>Please help.
>>>
>>>
>>>Regards,
>>>Lalit Jangra. 
>>>
>>>
>>
>>
>>-- 
>>Regards,
>>Lalit Jangra. 
>
>
>


-- 
Regards,
Lalit Jangra. 
Mime
View raw message