manifoldcf-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Karl Wright <daddy...@gmail.com>
Subject Re: Solr MCF ACL Plugin
Date Tue, 12 Aug 2014 09:50:54 GMT
Hi Lalit,

Yes, it seems likely that the MCF solr plugin is setting fq to the right
query expression, and then you are later setting fq to something else
entirely with your own plugin.

Your plugin must take the incoming fq field and include it in the final
expression.

Karl



On Tue, Aug 12, 2014 at 4:23 AM, lalit jangra <lalit.j.jangra@gmail.com>
wrote:

> Thanks Karl for promptness,
>
> Invoking http://
> <your_mcf_instance/mcf-authority-service/UserACLs?username=
> ljangra@iwater.ie gives me below ACLs which seem to be fine to me.
>
> AUTHORIZED:SharePointAuthConnection
>
> TOKEN:SharepointAuthGroup:Ui%3A0%23.w%7Ciwater.ie%255cljangra
>
> TOKEN:SharepointAuthGroup:Uc%3A0%2B.w%7Cs-1-5-32-545
>
>
> TOKEN:SharepointAuthGroup:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-15263
>
>
> TOKEN:SharepointAuthGroup:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-513
>
>
> TOKEN:SharepointAuthGroup:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-13472
>
>
> TOKEN:SharepointAuthGroup:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-3182
>
>
> TOKEN:SharepointAuthGroup:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-1619
>
>
> TOKEN:SharepointAuthGroup:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-1813
>
>
> TOKEN:SharepointAuthGroup:Ui%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-12149
>
> TOKEN:SharepointAuthGroup:Uc%3A0%21.s%7Cwindows
>
> TOKEN:SharepointAuthGroup:Uc%3A0%28.s%7Ctrue
>
> I got it now, the missing part is absence of user tokens in solr query as
> you mentioned.
>
> Please suggest.
>
> Regards.
>
>
>
> On Tue, Aug 12, 2014 at 12:32 PM, Karl Wright <daddywri@gmail.com> wrote:
>
>> Hi Lalit,
>>
>> The MCF plugin does this:
>> - Looks for the AuthenticatedUserName parameter
>> - Sends the AuthenticatedUserName parameter to ManifoldCF's authority
>> service, and gets back user tokens
>> - Constructs a filter query (fq) expression from the user tokens
>>
>> It's very hard for me to guess which acls come from your SharePoint
>> instance and which come from your Alfresco instance.  But this is almost
>> certainly wrong:
>>
>> fq=content_source:SharePoint&version=2&AuthenticatedUserName=
>> ljangra@iwater.ie
>> ... because there are no access tokens whatsoever.
>>
>> This too has no ACLs:
>> fq=
>> content_source:SharePoint+AND+AuthenticatedUserName%3Dljangra@iwater.ie
>>
>>
>> This has access tokens, but they seem to all be from Alfresco:
>>
>> fq=(content_source:Alfresco+AND+alf_acls%253A%2528GROUP_CTXRDP%2BOR%2BGROUP_ECM-Developer-Admins%2BOR%2BGROUP_EVERYONE%2BOR%2BGROUP_ExtendedReaders3e7350e3-ab94-4ecc-87fa-d59ad3deda23%2BOR%2BGROUP_GLS-IW-ADM-ECM-Manifold-Testing%2BOR%2BGROUP_Irish+Water+All+Hands%2BOR%2BGROUP_Jump-Server-Admins%2BOR%2BGROUP_iwaterdesktop%2BOR%2BGROUP_site_LegalServices%2BOR%2BGROUP_site_LegalServices_SiteConsumer%2529)+OR+content_source:SharePoint&AuthenticatedUserName=
>> ljangra@iwater.ie
>>
>> So frankly I see no evidence that you are including any SharePoint access
>> tokens in your query at all.  Could you do the following:
>>
>> curl "http://<your_mcf_instance/mcf-authority-service/UserACLs?username=
>> ljangra@iwater.ie"
>>
>> ... and send me what you get back?  If that looks good, I suggest that
>> you are probably overwriting the mcf plugin's fq entirely, and not
>> including it in your expression.
>>
>> Thanks,
>> Karl
>>
>>
>>
>>
>> On Tue, Aug 12, 2014 at 2:38 AM, lalit jangra <lalit.j.jangra@gmail.com>
>> wrote:
>>
>>> Thanks Karl,
>>>
>>> I am working with filter queries here and initially i tried to put
>>> filter queries as below but it did not work and i got only alfresco content.
>>>
>>> (alfresco_expression AND is_alfresco) OR (sharepoint_expression AND
>>> is_sharepoint)
>>>
>>> Here is query from solr logs for same.
>>>
>>> 588159410 [http-bio-8080-exec-330] INFO
>>> org.apache.solr.mcf.ManifoldCFQParserPlugin  ? Default no-user response
>>> (open documents only)
>>>
>>> 588547075 [http-bio-8080-exec-260] INFO  org.apache.solr.core.SolrCore
>>> ? [collection1] webapp=/solr path=/select
>>> params={q=*:*&fq=(content_source:Alfresco+AND+alf_acls%253A%2528GROUP_CTXRDP%2BOR%2BGROUP_ECM-Developer-Admins%2BOR%2BGROUP_EVERYONE%2BOR%2BGROUP_ExtendedReaders3e7350e3-ab94-4ecc-87fa-d59ad3deda23%2BOR%2BGROUP_GLS-IW-ADM-ECM-Manifold-Testing%2BOR%2BGROUP_Irish+Water+All+Hands%2BOR%2BGROUP_Jump-Server-Admins%2BOR%2BGROUP_iwaterdesktop%2BOR%2BGROUP_site_LegalServices%2BOR%2BGROUP_site_LegalServices_SiteConsumer%2529)+OR+(
>>> content_source:SharePoint+AND+AuthenticatedUserName%3Dljangra@iwater.ie)}
>>> hits=4404 status=0 QTime=96
>>>
>>> Here i get only 4404 results which i get if i select only alfresco as
>>> source without selecting sharepoint.
>>>
>>> 588159410 [http-bio-8080-exec-330] INFO
>>> org.apache.solr.mcf.ManifoldCFQParserPlugin  ? Default no-user response
>>> (open documents only)
>>>
>>> 588159479 [http-bio-8080-exec-330] INFO  org.apache.solr.core.SolrCore
>>> ? [collection1] webapp=/solr path=/select
>>> params={q=*:*&fq=(content_source:Alfresco+AND+alf_acls%253A%2528GROUP_CTXRDP%2BOR%2BGROUP_ECM-Developer-Admins%2BOR%2BGROUP_EVERYONE%2BOR%2BGROUP_ExtendedReaders3e7350e3-ab94-4ecc-87fa-d59ad3deda23%2BOR%2BGROUP_GLS-IW-ADM-ECM-Manifold-Testing%2BOR%2BGROUP_Irish+Water+All+Hands%2BOR%2BGROUP_Jump-Server-Admins%2BOR%2BGROUP_iwaterdesktop%2BOR%2BGROUP_site_LegalServices%2BOR%2BGROUP_site_LegalServices_SiteConsumer%2529)+OR+(
>>> content_source:SharePoint+AND+uthenticatedUserName%3Dljangra@iwater.ie)}
>>> hits=4404 status=0 QTime=70
>>>
>>>
>>> Then i moved to below structure where i need to pass
>>> sharepoint_expression as raw query parameters for filter queries.
>>>
>>> (alfresco_expression) OR (is_sharepoint) & sharepoint_expression
>>>
>>> This way i got results from both alfresco and sharepoint. Here i get
>>> 5425 results including alfresco as well as sharepoint.
>>>
>>> 588799237 [http-bio-8080-exec-331] INFO
>>> org.apache.solr.mcf.ManifoldCFQParserPlugin  ? Trying to match docs for
>>> user '[:ljangra@iwater.ie]'
>>>
>>> 588799238 [http-bio-8080-exec-331] INFO
>>> org.apache.http.impl.client.DefaultHttpClient  ? I/O exception
>>> (org.apache.http.NoHttpResponseException) caught when processing request:
>>> The target server failed to respond
>>>
>>> 588799239 [http-bio-8080-exec-331] INFO
>>> org.apache.http.impl.client.DefaultHttpClient  ? Retrying request
>>>
>>> 588799330 [http-bio-8080-exec-331] INFO
>>> org.apache.solr.mcf.ManifoldCFQParserPlugin  ? Saw authority response
>>> AUTHORIZED:SharePointAuthConnection
>>>
>>> 588799338 [http-bio-8080-exec-331] INFO  org.apache.solr.core.SolrCore
>>> ? [collection1] webapp=/solr path=/select
>>> params={q=*:*&fq=(content_source:Alfresco+AND+alf_acls%253A%2528GROUP_CTXRDP%2BOR%2BGROUP_ECM-Developer-Admins%2BOR%2BGROUP_EVERYONE%2BOR%2BGROUP_ExtendedReaders3e7350e3-ab94-4ecc-87fa-d59ad3deda23%2BOR%2BGROUP_GLS-IW-ADM-ECM-Manifold-Testing%2BOR%2BGROUP_Irish+Water+All+Hands%2BOR%2BGROUP_Jump-Server-Admins%2BOR%2BGROUP_iwaterdesktop%2BOR%2BGROUP_site_LegalServices%2BOR%2BGROUP_site_LegalServices_SiteConsumer%2529)+OR+content_source:SharePoint&AuthenticatedUserName=
>>> ljangra@iwater.ie} hits=5245 status=0 QTime=103
>>>
>>> Also for sharepoint only queries, if i try filter queries as below, i
>>> got no results.
>>>
>>> (sharepoint_expression AND is_sharepoint)
>>>
>>>
>>> 587320867 [http-bio-8080-exec-325] INFO
>>> org.apache.solr.mcf.ManifoldCFQParserPlugin  ? Trying to match docs for
>>> user '[:ljangra@iwater.ie]'
>>>
>>> 587320868 [http-bio-8080-exec-325] INFO
>>> org.apache.http.impl.client.DefaultHttpClient  ? I/O exception
>>> (org.apache.http.NoHttpResponseException) caught when processing request:
>>> The target server failed to respond
>>>
>>> 587320869 [http-bio-8080-exec-325] INFO
>>> org.apache.http.impl.client.DefaultHttpClient  ? Retrying request
>>>
>>> 587324291 [http-bio-8080-exec-325] INFO
>>> org.apache.solr.mcf.ManifoldCFQParserPlugin  ? Saw authority response
>>> AUTHORIZED:SharePointAuthConnection
>>>
>>> 587324292 [http-bio-8080-exec-325] INFO  org.apache.solr.core.SolrCore
>>> ? [collection1] webapp=/solr path=/select
>>> params={indent=true&q=*:*&_=1407823092895&wt=json&fq=
>>> content_source:SharePoint+AND+AuthenticatedUserName%3Dljangra@iwater.ie
>>> &AuthenticatedUserName=ljangra@iwater.ie} hits=0 status=0 QTime=3426
>>>
>>> 587338061 [http-bio-8080-exec-325] INFO
>>> org.apache.solr.mcf.ManifoldCFQParserPlugin  ? Default no-user response
>>> (open documents only)
>>>
>>> 587338061 [http-bio-8080-exec-325] INFO  org.apache.solr.core.SolrCore
>>> ? [collection1] webapp=/solr path=/select
>>> params={indent=true&q=*:*&_=1407823109996&wt=json&fq=
>>> content_source:SharePoint+AND+AuthenticatedUserName%3Dljangra@iwater.ie}
>>> hits=0 status=0 QTime=1
>>>
>>>
>>> But if i use sharepoint_expression as below , get results for
>>> sahrepoint only.
>>>
>>>
>>> fq=content_source:SharePoint&version=2&AuthenticatedUserName=
>>> ljangra@iwater.ie
>>>
>>>  589523637 [http-bio-8080-exec-260] INFO
>>> org.apache.solr.mcf.ManifoldCFQParserPlugin  ? Trying to match docs for
>>> user '[:ljangra@iwater.ie]'
>>>
>>> 589523639 [http-bio-8080-exec-260] INFO
>>> org.apache.http.impl.client.DefaultHttpClient  ? I/O exception
>>> (org.apache.http.NoHttpResponseException) caught when processing request:
>>> The target server failed to respond
>>>
>>> 589523639 [http-bio-8080-exec-260] INFO
>>> org.apache.http.impl.client.DefaultHttpClient  ? Retrying request
>>>
>>> 589523698 [http-bio-8080-exec-260] INFO
>>> org.apache.solr.mcf.ManifoldCFQParserPlugin  ? Saw authority response
>>> AUTHORIZED:SharePointAuthConnection
>>>
>>> 589523699 [http-bio-8080-exec-260] INFO  org.apache.solr.core.SolrCore
>>> ? [collection1] webapp=/solr path=/select
>>> params={sort=score+desc&df=text&q="lalit"&q.op=OR&wt=javabin&qt=/select&fq=content_source:SharePoint&version=2&AuthenticatedUserName=
>>> ljangra@iwater.ie} hits=35 status=0 QTime=62
>>>
>>>
>>> What i assume is whatever is passed with AuthenticatedUserName
>>> variable, it is compared with stored ACLs in index and accordingly results
>>> are displayed.
>>>
>>> Please suggest.
>>>
>>> regards.
>>>
>>>
>>> On Mon, Aug 11, 2014 at 10:59 PM, Karl Wright <daddywri@gmail.com>
>>> wrote:
>>>
>>>> Hi Lalit,
>>>>
>>>> First, if both Alfresco and SharePoint documents are indexed with the
>>>> same MCF instance, then you do
>>>> not need to play games like this.  You only need the one query that the
>>>> MCF solr plugin generates.
>>>>
>>>> If that's not the case, then what you want are two separate clauses
>>>> where one matches Alfresco documents and one clause that matches SharePoint
>>>> documents.  The expression therefore would look like this:
>>>>
>>>> (alfresco_expression AND is_alfresco) OR (sharepoint_expression AND
>>>> is_sharepoint)
>>>>
>>>>
>>>> It cannot look like this and work:
>>>>
>>>> (alfresco_expression OR sharepoint_expression) OR is_sharepoint
>>>>
>>>> That is nonsensical.
>>>> Karl
>>>>
>>>>
>>>>
>>>> On Mon, Aug 11, 2014 at 1:22 PM, lalit jangra <lalit.j.jangra@gmail.com
>>>> > wrote:
>>>>
>>>>> Thanks Karl,
>>>>>
>>>>> In this query i am searching for results in both alfresco and
>>>>> SharePoint. So before OR i am checking for alfresco ACLs and post OR
i am
>>>>> checking for SharePoint ACLs by supplying authenticatedusername .Hence
OR
>>>>> facilitates here for both options.
>>>>>  On Aug 11, 2014 10:44 PM, "Karl Wright" <daddywri@gmail.com> wrote:
>>>>>
>>>>>> Hi Lalit,
>>>>>>
>>>>>> Have a look at this query:
>>>>>>
>>>>>> 522471481 [http-bio-8080-exec-238] INFO
>>>>>> org.apache.solr.core.SolrCore  ? [collection1] webapp=/solr path=/select
>>>>>> params={sort=score+desc&df=text&q="blue"&q.op=OR&wt=javabin&qt=/select&fq=(content_source:Alfresco+AND+alf_acls%253A%2528GROUP_CTXRDP%2BOR%2BGROUP_ECM-Developer-Admins%2BOR%2BGROUP_EMAIL_CONTRIBUTORS%2BOR%2BGROUP_EVERYONE%2BOR%2BGROUP_ExtendedReaders3e7350e3-ab94-4ecc-87fa-d59ad3deda23%2BOR%2BGROUP_ExtendedWriters3e7350e3-ab94-4ecc-87fa-d59ad3deda23%2BOR%2BGROUP_GLS-IW-CTX-IWDesktop%2BOR%2BGROUP_GLS-IW-CTX-IWStandardUsers%2BOR%2BGROUP_Irish+Water+All+Hands%2BOR%2BGROUP_Jump-Server-Admins%2BOR%2BGROUP_site_LegalServices%2BOR%2BGROUP_site_LegalServices_SiteManager%2BOR%2BGROUP_site_asset-investment%2BOR%2BGROUP_site_asset-investment_SiteManager%2BOR%2BGROUP_site_asset-management%2BOR%2BGROUP_site_asset-management_SiteConsumer%2BOR%2BGROUP_site_asset-programmes%2BOR%2BGROUP_site_asset-programmes_SiteCollaborator%2BOR%2BGROUP_site_asset-programmes_SiteManager%2BOR%2BGROUP_site_asset-strategy%2BOR%2BGROUP_site_asset-strategy_SiteManager%2BOR%2BGROUP_site_capa%2BOR%2BGROUP_site_capa_SiteManager%2BOR%2BGROUP_site_capital-delivery%2BOR%2BGROUP_site_capital-delivery_SiteConsumer%2BOR%2BGROUP_site_communications%2BOR%2BGROUP_site_communications_SiteManager%2BOR%2BGROUP_site_customer-contacts%2BOR%2BGROUP_site_customer-contacts_SiteManager%2BOR%2BGROUP_site_hazcon%2BOR%2BGROUP_site_hazcon_SiteManager%2BOR%2BGROUP_site_human-resources%2BOR%2BGROUP_site_human-resources_SiteCollaborator%2BOR%2BGROUP_site_incident-management%2BOR%2BGROUP_site_incident-management_SiteManager%2BOR%2BGROUP_site_invoices%2BOR%2BGROUP_site_invoices_SiteManager%2BOR%2BGROUP_site_iwcontracts%2BOR%2BGROUP_site_iwcontracts_SiteManager%2BOR%2BGROUP_site_iwproject%2BOR%2BGROUP_site_iwproject_SiteManager%2BOR%2BGROUP_site_iwprojects%2BOR%2BGROUP_site_iwprojects_SiteManager%2BOR%2BGROUP_site_operations-and-maintenance%2BOR%2BGROUP_site_operations-and-maintenance_SiteManager%2BOR%2BGROUP_site_region-connaught-and-ulster%2BOR%2BGROUP_site_region-connaught-and-ulster_SiteCollaborator%2BOR%2BGROUP_site_region-east-and-midlands%2BOR%2BGROUP_site_region-east-and-midlands_SiteCollaborator%2BOR%2BGROUP_site_region-south-la-file-share%2BOR%2BGROUP_site_region-south-la-file-share_SiteCollaborator%2BOR%2BGROUP_site_rm%2BOR%2BGROUP_site_rm_SiteManager%2BOR%2BGROUP_site_site-water-investment-approvals-committee%2BOR%2BGROUP_site_site-water-investment-approvals-committee_SiteCollaborator%2BOR%2BGROUP_site_test-public%2BOR%2BGROUP_site_test-public_SiteManager%2BOR%2BGROUP_site_testing-private%2BOR%2BGROUP_site_testing-private_SiteManager%2529)+OR+content_source:SharePoint&version=2&AuthenticatedUserName=
>>>>>> vchauhan@iwater.ie} hits=11 status=0 QTime=10
>>>>>>
>>>>>>
>>>>>> Note the following at the very end of the fq field:
>>>>>> "+OR+content_source:SharePoint".  That will basically disable the
entire
>>>>>> rest of the filter and permit ALL documents through that were indexed
by
>>>>>> SharePoint.  It should be "+AND+content_source:SharePoint".
>>>>>>
>>>>>> Karl
>>>>>>
>>>>>>
>>>>>>
>>>>>> On Mon, Aug 11, 2014 at 1:05 PM, lalit jangra <
>>>>>> lalit.j.jangra@gmail.com> wrote:
>>>>>>
>>>>>>> Sure Karl,
>>>>>>>
>>>>>>> Can you let me know what type of logs you need?I am attaching
part
>>>>>>> of solr.log for your reference.
>>>>>>>
>>>>>>> Regards.
>>>>>>> On Aug 11, 2014 9:42 PM, "Karl Wright" <daddywri@gmail.com>
wrote:
>>>>>>>
>>>>>>>> Hi Lalit,
>>>>>>>>
>>>>>>>> Are you sure you are using the standard select query handler?
 In
>>>>>>>> order to convince me, you will need to enable appropriate
Solr logging so I
>>>>>>>> can see how a request is processed and whether the MCF solr
plugin is being
>>>>>>>> called.
>>>>>>>>
>>>>>>>> Karl
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> On Mon, Aug 11, 2014 at 11:59 AM, lalit jangra <
>>>>>>>> lalit.j.jangra@gmail.com> wrote:
>>>>>>>>
>>>>>>>>> Thanks Karl,
>>>>>>>>>
>>>>>>>>> Below are my comments.
>>>>>>>>>
>>>>>>>>> 1. Your Solr query is in fact not hooked up to use the
appropriate
>>>>>>>>> MCF Solr plugin, in which case no security whatsoever
is being applied.
>>>>>>>>> --- Below is snippet from solrconfig.xml from one of
servers with
>>>>>>>>> MCF Solr plugin included and enabled with /select query
handler which i am
>>>>>>>>> using for search. I assume i need not to provide full
server name for AuthorityServiceBaseURL
>>>>>>>>> & instead localhost will work fine.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> <!-- ManifoldCF document security enforcement component
-->
>>>>>>>>>
>>>>>>>>>   <queryParser name="manifoldCFSecurity"
>>>>>>>>>
>>>>>>>>>     class="org.apache.solr.mcf.ManifoldCFQParserPlugin">
>>>>>>>>>
>>>>>>>>>     <str name="AuthorityServiceBaseURL">
>>>>>>>>> http://localhost:80/mcf-authority-service</str>
>>>>>>>>>
>>>>>>>>>     <int name="ConnectionPoolSize">50</int>
>>>>>>>>>
>>>>>>>>>   </queryParser>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>    <!-- ManifoldCF document security enforcement component
-->
>>>>>>>>>
>>>>>>>>>   <searchComponent name="manifoldCFSecurity"
>>>>>>>>>
>>>>>>>>>     class="org.apache.solr.mcf.ManifoldCFSearchComponent">
>>>>>>>>>
>>>>>>>>>     <str name="AuthorityServiceBaseURL">
>>>>>>>>> http://localhost:80/mcf-authority-service</str>
>>>>>>>>>
>>>>>>>>>     <int name="ConnectionPoolSize">50</int>
>>>>>>>>>
>>>>>>>>>   </searchComponent>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>   <requestHandler name="/select" class="solr.SearchHandler">
>>>>>>>>>
>>>>>>>>>      <lst name="defaults">
>>>>>>>>>
>>>>>>>>>        <str name="echoParams">explicit</str>
>>>>>>>>>
>>>>>>>>>        <int name="rows">10000</int>
>>>>>>>>>
>>>>>>>>>        <str name="df">text</str>
>>>>>>>>>
>>>>>>>>>      </lst>
>>>>>>>>>
>>>>>>>>>          <lst name="appends">
>>>>>>>>>
>>>>>>>>>                 <str name="fq">{!manifoldCFSecurity}</str>
>>>>>>>>>
>>>>>>>>>          </lst>
>>>>>>>>>
>>>>>>>>>   </requestHandler>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Below is one of queries built for same using AuthenticatedUserName
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> q=%22blue%22&q.op=OR&df=text&qt=%2Fselect&sort=score+desc&fq=content_source%3ASharePoint&AuthenticatedUserName=ljangra%
>>>>>>>>> 40iwater.ie
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> 2. You are supposed to be able to see the documents,
but the URL
>>>>>>>>> ManifoldCF is generating does not permit you to log into
SharePoint for
>>>>>>>>> some reason.
>>>>>>>>> -- If i go to the location of the search result, i am
not able to
>>>>>>>>> see any document available there for me as per my permissions.
>>>>>>>>>
>>>>>>>>> 3. You indexed the documents with security "off", and
so no
>>>>>>>>> security information was attached to the documents in
Solr.
>>>>>>>>> --- I have enabled security before starting the job as
below.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Please suggest.
>>>>>>>>>
>>>>>>>>> Regards.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> On Mon, Aug 11, 2014 at 5:17 PM, Karl Wright <daddywri@gmail.com>
>>>>>>>>> wrote:
>>>>>>>>>
>>>>>>>>>> Hi Lalit,
>>>>>>>>>>
>>>>>>>>>> There are a number of possibilities.  You will need
to do some
>>>>>>>>>> investigation to figure out which one it is.  Here
are the possibilities I
>>>>>>>>>> see:
>>>>>>>>>>
>>>>>>>>>> (1) Your Solr query is in fact not hooked up to use
the
>>>>>>>>>> appropriate MCF Solr plugin, in which case no security
whatsoever is being
>>>>>>>>>> applied.
>>>>>>>>>> (2) You are supposed to be able to see the documents,
but the URL
>>>>>>>>>> ManifoldCF is generating does not permit you to log
into SharePoint for
>>>>>>>>>> some reason.
>>>>>>>>>> (3) You indexed the documents with security "off",
and so no
>>>>>>>>>> security information was attached to the documents
in Solr.
>>>>>>>>>>
>>>>>>>>>> Thanks,
>>>>>>>>>> Karl
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> On Mon, Aug 11, 2014 at 7:30 AM, lalit jangra <
>>>>>>>>>> lalit.j.jangra@gmail.com> wrote:
>>>>>>>>>>
>>>>>>>>>>> Hi,
>>>>>>>>>>>
>>>>>>>>>>> I am using MCF 1.5.1 and crawling SharePoint
2010 list items. I
>>>>>>>>>>> have also placed MCF solr ACL plugin into solr
instances and updated
>>>>>>>>>>> solrconfig.xml for same. I created a job to connect
to SharePoint and
>>>>>>>>>>> indexed list items in solr.
>>>>>>>>>>>
>>>>>>>>>>> Next i am searching for content items from index
and what i
>>>>>>>>>>> could see is that i am able to see search results
for content on which i do
>>>>>>>>>>> not have any access. I can see these content
into search results but when i
>>>>>>>>>>> am trying to aceess these content , i can getting
SharePoint access denied
>>>>>>>>>>> error. Ideally if a user has no access to a content,
he should not be see
>>>>>>>>>>> these content.
>>>>>>>>>>>
>>>>>>>>>>> Am i missing anything here?
>>>>>>>>>>>
>>>>>>>>>>> Regards,
>>>>>>>>>>> Lalit.
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> --
>>>>>>>>> Regards,
>>>>>>>>> Lalit.
>>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>
>>>>
>>>
>>>
>>> --
>>> Regards,
>>> Lalit.
>>>
>>
>>
>
>
> --
> Regards,
> Lalit.
>

Mime
View raw message