manifoldcf-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From lalit jangra <lalit.j.jan...@gmail.com>
Subject Re: Solr MCF ACL Plugin
Date Tue, 12 Aug 2014 08:23:23 GMT
Thanks Karl for promptness,

Invoking http://<your_mcf_instance/mcf-authority-service/UserACLs?username=
ljangra@iwater.ie gives me below ACLs which seem to be fine to me.

AUTHORIZED:SharePointAuthConnection

TOKEN:SharepointAuthGroup:Ui%3A0%23.w%7Ciwater.ie%255cljangra

TOKEN:SharepointAuthGroup:Uc%3A0%2B.w%7Cs-1-5-32-545

TOKEN:SharepointAuthGroup:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-15263

TOKEN:SharepointAuthGroup:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-513

TOKEN:SharepointAuthGroup:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-13472

TOKEN:SharepointAuthGroup:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-3182

TOKEN:SharepointAuthGroup:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-1619

TOKEN:SharepointAuthGroup:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-1813

TOKEN:SharepointAuthGroup:Ui%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-12149

TOKEN:SharepointAuthGroup:Uc%3A0%21.s%7Cwindows

TOKEN:SharepointAuthGroup:Uc%3A0%28.s%7Ctrue

I got it now, the missing part is absence of user tokens in solr query as
you mentioned.

Please suggest.

Regards.



On Tue, Aug 12, 2014 at 12:32 PM, Karl Wright <daddywri@gmail.com> wrote:

> Hi Lalit,
>
> The MCF plugin does this:
> - Looks for the AuthenticatedUserName parameter
> - Sends the AuthenticatedUserName parameter to ManifoldCF's authority
> service, and gets back user tokens
> - Constructs a filter query (fq) expression from the user tokens
>
> It's very hard for me to guess which acls come from your SharePoint
> instance and which come from your Alfresco instance.  But this is almost
> certainly wrong:
>
> fq=content_source:SharePoint&version=2&AuthenticatedUserName=
> ljangra@iwater.ie
> ... because there are no access tokens whatsoever.
>
> This too has no ACLs:
> fq=content_source:SharePoint+AND+AuthenticatedUserName%3Dljangra@iwater.ie
>
>
> This has access tokens, but they seem to all be from Alfresco:
>
> fq=(content_source:Alfresco+AND+alf_acls%253A%2528GROUP_CTXRDP%2BOR%2BGROUP_ECM-Developer-Admins%2BOR%2BGROUP_EVERYONE%2BOR%2BGROUP_ExtendedReaders3e7350e3-ab94-4ecc-87fa-d59ad3deda23%2BOR%2BGROUP_GLS-IW-ADM-ECM-Manifold-Testing%2BOR%2BGROUP_Irish+Water+All+Hands%2BOR%2BGROUP_Jump-Server-Admins%2BOR%2BGROUP_iwaterdesktop%2BOR%2BGROUP_site_LegalServices%2BOR%2BGROUP_site_LegalServices_SiteConsumer%2529)+OR+content_source:SharePoint&AuthenticatedUserName=
> ljangra@iwater.ie
>
> So frankly I see no evidence that you are including any SharePoint access
> tokens in your query at all.  Could you do the following:
>
> curl "http://<your_mcf_instance/mcf-authority-service/UserACLs?username=
> ljangra@iwater.ie"
>
> ... and send me what you get back?  If that looks good, I suggest that you
> are probably overwriting the mcf plugin's fq entirely, and not including it
> in your expression.
>
> Thanks,
> Karl
>
>
>
>
> On Tue, Aug 12, 2014 at 2:38 AM, lalit jangra <lalit.j.jangra@gmail.com>
> wrote:
>
>> Thanks Karl,
>>
>> I am working with filter queries here and initially i tried to put filter
>> queries as below but it did not work and i got only alfresco content.
>>
>> (alfresco_expression AND is_alfresco) OR (sharepoint_expression AND
>> is_sharepoint)
>>
>> Here is query from solr logs for same.
>>
>> 588159410 [http-bio-8080-exec-330] INFO
>> org.apache.solr.mcf.ManifoldCFQParserPlugin  ? Default no-user response
>> (open documents only)
>>
>> 588547075 [http-bio-8080-exec-260] INFO  org.apache.solr.core.SolrCore  ?
>> [collection1] webapp=/solr path=/select
>> params={q=*:*&fq=(content_source:Alfresco+AND+alf_acls%253A%2528GROUP_CTXRDP%2BOR%2BGROUP_ECM-Developer-Admins%2BOR%2BGROUP_EVERYONE%2BOR%2BGROUP_ExtendedReaders3e7350e3-ab94-4ecc-87fa-d59ad3deda23%2BOR%2BGROUP_GLS-IW-ADM-ECM-Manifold-Testing%2BOR%2BGROUP_Irish+Water+All+Hands%2BOR%2BGROUP_Jump-Server-Admins%2BOR%2BGROUP_iwaterdesktop%2BOR%2BGROUP_site_LegalServices%2BOR%2BGROUP_site_LegalServices_SiteConsumer%2529)+OR+(
>> content_source:SharePoint+AND+AuthenticatedUserName%3Dljangra@iwater.ie)}
>> hits=4404 status=0 QTime=96
>>
>> Here i get only 4404 results which i get if i select only alfresco as
>> source without selecting sharepoint.
>>
>> 588159410 [http-bio-8080-exec-330] INFO
>> org.apache.solr.mcf.ManifoldCFQParserPlugin  ? Default no-user response
>> (open documents only)
>>
>> 588159479 [http-bio-8080-exec-330] INFO  org.apache.solr.core.SolrCore  ?
>> [collection1] webapp=/solr path=/select
>> params={q=*:*&fq=(content_source:Alfresco+AND+alf_acls%253A%2528GROUP_CTXRDP%2BOR%2BGROUP_ECM-Developer-Admins%2BOR%2BGROUP_EVERYONE%2BOR%2BGROUP_ExtendedReaders3e7350e3-ab94-4ecc-87fa-d59ad3deda23%2BOR%2BGROUP_GLS-IW-ADM-ECM-Manifold-Testing%2BOR%2BGROUP_Irish+Water+All+Hands%2BOR%2BGROUP_Jump-Server-Admins%2BOR%2BGROUP_iwaterdesktop%2BOR%2BGROUP_site_LegalServices%2BOR%2BGROUP_site_LegalServices_SiteConsumer%2529)+OR+(
>> content_source:SharePoint+AND+uthenticatedUserName%3Dljangra@iwater.ie)}
>> hits=4404 status=0 QTime=70
>>
>>
>> Then i moved to below structure where i need to pass
>> sharepoint_expression as raw query parameters for filter queries.
>>
>> (alfresco_expression) OR (is_sharepoint) & sharepoint_expression
>>
>> This way i got results from both alfresco and sharepoint. Here i get 5425
>> results including alfresco as well as sharepoint.
>>
>> 588799237 [http-bio-8080-exec-331] INFO
>> org.apache.solr.mcf.ManifoldCFQParserPlugin  ? Trying to match docs for
>> user '[:ljangra@iwater.ie]'
>>
>> 588799238 [http-bio-8080-exec-331] INFO
>> org.apache.http.impl.client.DefaultHttpClient  ? I/O exception
>> (org.apache.http.NoHttpResponseException) caught when processing request:
>> The target server failed to respond
>>
>> 588799239 [http-bio-8080-exec-331] INFO
>> org.apache.http.impl.client.DefaultHttpClient  ? Retrying request
>>
>> 588799330 [http-bio-8080-exec-331] INFO
>> org.apache.solr.mcf.ManifoldCFQParserPlugin  ? Saw authority response
>> AUTHORIZED:SharePointAuthConnection
>>
>> 588799338 [http-bio-8080-exec-331] INFO  org.apache.solr.core.SolrCore  ?
>> [collection1] webapp=/solr path=/select
>> params={q=*:*&fq=(content_source:Alfresco+AND+alf_acls%253A%2528GROUP_CTXRDP%2BOR%2BGROUP_ECM-Developer-Admins%2BOR%2BGROUP_EVERYONE%2BOR%2BGROUP_ExtendedReaders3e7350e3-ab94-4ecc-87fa-d59ad3deda23%2BOR%2BGROUP_GLS-IW-ADM-ECM-Manifold-Testing%2BOR%2BGROUP_Irish+Water+All+Hands%2BOR%2BGROUP_Jump-Server-Admins%2BOR%2BGROUP_iwaterdesktop%2BOR%2BGROUP_site_LegalServices%2BOR%2BGROUP_site_LegalServices_SiteConsumer%2529)+OR+content_source:SharePoint&AuthenticatedUserName=
>> ljangra@iwater.ie} hits=5245 status=0 QTime=103
>>
>> Also for sharepoint only queries, if i try filter queries as below, i got
>> no results.
>>
>> (sharepoint_expression AND is_sharepoint)
>>
>>
>> 587320867 [http-bio-8080-exec-325] INFO
>> org.apache.solr.mcf.ManifoldCFQParserPlugin  ? Trying to match docs for
>> user '[:ljangra@iwater.ie]'
>>
>> 587320868 [http-bio-8080-exec-325] INFO
>> org.apache.http.impl.client.DefaultHttpClient  ? I/O exception
>> (org.apache.http.NoHttpResponseException) caught when processing request:
>> The target server failed to respond
>>
>> 587320869 [http-bio-8080-exec-325] INFO
>> org.apache.http.impl.client.DefaultHttpClient  ? Retrying request
>>
>> 587324291 [http-bio-8080-exec-325] INFO
>> org.apache.solr.mcf.ManifoldCFQParserPlugin  ? Saw authority response
>> AUTHORIZED:SharePointAuthConnection
>>
>> 587324292 [http-bio-8080-exec-325] INFO  org.apache.solr.core.SolrCore  ?
>> [collection1] webapp=/solr path=/select
>> params={indent=true&q=*:*&_=1407823092895&wt=json&fq=
>> content_source:SharePoint+AND+AuthenticatedUserName%3Dljangra@iwater.ie
>> &AuthenticatedUserName=ljangra@iwater.ie} hits=0 status=0 QTime=3426
>>
>> 587338061 [http-bio-8080-exec-325] INFO
>> org.apache.solr.mcf.ManifoldCFQParserPlugin  ? Default no-user response
>> (open documents only)
>>
>> 587338061 [http-bio-8080-exec-325] INFO  org.apache.solr.core.SolrCore  ?
>> [collection1] webapp=/solr path=/select
>> params={indent=true&q=*:*&_=1407823109996&wt=json&fq=
>> content_source:SharePoint+AND+AuthenticatedUserName%3Dljangra@iwater.ie}
>> hits=0 status=0 QTime=1
>>
>>
>> But if i use sharepoint_expression as below , get results for sahrepoint
>> only.
>>
>>
>> fq=content_source:SharePoint&version=2&AuthenticatedUserName=
>> ljangra@iwater.ie
>>
>>  589523637 [http-bio-8080-exec-260] INFO
>> org.apache.solr.mcf.ManifoldCFQParserPlugin  ? Trying to match docs for
>> user '[:ljangra@iwater.ie]'
>>
>> 589523639 [http-bio-8080-exec-260] INFO
>> org.apache.http.impl.client.DefaultHttpClient  ? I/O exception
>> (org.apache.http.NoHttpResponseException) caught when processing request:
>> The target server failed to respond
>>
>> 589523639 [http-bio-8080-exec-260] INFO
>> org.apache.http.impl.client.DefaultHttpClient  ? Retrying request
>>
>> 589523698 [http-bio-8080-exec-260] INFO
>> org.apache.solr.mcf.ManifoldCFQParserPlugin  ? Saw authority response
>> AUTHORIZED:SharePointAuthConnection
>>
>> 589523699 [http-bio-8080-exec-260] INFO  org.apache.solr.core.SolrCore  ?
>> [collection1] webapp=/solr path=/select
>> params={sort=score+desc&df=text&q="lalit"&q.op=OR&wt=javabin&qt=/select&fq=content_source:SharePoint&version=2&AuthenticatedUserName=
>> ljangra@iwater.ie} hits=35 status=0 QTime=62
>>
>>
>> What i assume is whatever is passed with AuthenticatedUserName variable,
>> it is compared with stored ACLs in index and accordingly results are
>> displayed.
>>
>> Please suggest.
>>
>> regards.
>>
>>
>> On Mon, Aug 11, 2014 at 10:59 PM, Karl Wright <daddywri@gmail.com> wrote:
>>
>>> Hi Lalit,
>>>
>>> First, if both Alfresco and SharePoint documents are indexed with the
>>> same MCF instance, then you do
>>> not need to play games like this.  You only need the one query that the
>>> MCF solr plugin generates.
>>>
>>> If that's not the case, then what you want are two separate clauses
>>> where one matches Alfresco documents and one clause that matches SharePoint
>>> documents.  The expression therefore would look like this:
>>>
>>> (alfresco_expression AND is_alfresco) OR (sharepoint_expression AND
>>> is_sharepoint)
>>>
>>>
>>> It cannot look like this and work:
>>>
>>> (alfresco_expression OR sharepoint_expression) OR is_sharepoint
>>>
>>> That is nonsensical.
>>> Karl
>>>
>>>
>>>
>>> On Mon, Aug 11, 2014 at 1:22 PM, lalit jangra <lalit.j.jangra@gmail.com>
>>> wrote:
>>>
>>>> Thanks Karl,
>>>>
>>>> In this query i am searching for results in both alfresco and
>>>> SharePoint. So before OR i am checking for alfresco ACLs and post OR i am
>>>> checking for SharePoint ACLs by supplying authenticatedusername .Hence OR
>>>> facilitates here for both options.
>>>>  On Aug 11, 2014 10:44 PM, "Karl Wright" <daddywri@gmail.com> wrote:
>>>>
>>>>> Hi Lalit,
>>>>>
>>>>> Have a look at this query:
>>>>>
>>>>> 522471481 [http-bio-8080-exec-238] INFO
>>>>> org.apache.solr.core.SolrCore  ? [collection1] webapp=/solr path=/select
>>>>> params={sort=score+desc&df=text&q="blue"&q.op=OR&wt=javabin&qt=/select&fq=(content_source:Alfresco+AND+alf_acls%253A%2528GROUP_CTXRDP%2BOR%2BGROUP_ECM-Developer-Admins%2BOR%2BGROUP_EMAIL_CONTRIBUTORS%2BOR%2BGROUP_EVERYONE%2BOR%2BGROUP_ExtendedReaders3e7350e3-ab94-4ecc-87fa-d59ad3deda23%2BOR%2BGROUP_ExtendedWriters3e7350e3-ab94-4ecc-87fa-d59ad3deda23%2BOR%2BGROUP_GLS-IW-CTX-IWDesktop%2BOR%2BGROUP_GLS-IW-CTX-IWStandardUsers%2BOR%2BGROUP_Irish+Water+All+Hands%2BOR%2BGROUP_Jump-Server-Admins%2BOR%2BGROUP_site_LegalServices%2BOR%2BGROUP_site_LegalServices_SiteManager%2BOR%2BGROUP_site_asset-investment%2BOR%2BGROUP_site_asset-investment_SiteManager%2BOR%2BGROUP_site_asset-management%2BOR%2BGROUP_site_asset-management_SiteConsumer%2BOR%2BGROUP_site_asset-programmes%2BOR%2BGROUP_site_asset-programmes_SiteCollaborator%2BOR%2BGROUP_site_asset-programmes_SiteManager%2BOR%2BGROUP_site_asset-strategy%2BOR%2BGROUP_site_asset-strategy_SiteManager%2BOR%2BGROUP_site_capa%2BOR%2BGROUP_site_capa_SiteManager%2BOR%2BGROUP_site_capital-delivery%2BOR%2BGROUP_site_capital-delivery_SiteConsumer%2BOR%2BGROUP_site_communications%2BOR%2BGROUP_site_communications_SiteManager%2BOR%2BGROUP_site_customer-contacts%2BOR%2BGROUP_site_customer-contacts_SiteManager%2BOR%2BGROUP_site_hazcon%2BOR%2BGROUP_site_hazcon_SiteManager%2BOR%2BGROUP_site_human-resources%2BOR%2BGROUP_site_human-resources_SiteCollaborator%2BOR%2BGROUP_site_incident-management%2BOR%2BGROUP_site_incident-management_SiteManager%2BOR%2BGROUP_site_invoices%2BOR%2BGROUP_site_invoices_SiteManager%2BOR%2BGROUP_site_iwcontracts%2BOR%2BGROUP_site_iwcontracts_SiteManager%2BOR%2BGROUP_site_iwproject%2BOR%2BGROUP_site_iwproject_SiteManager%2BOR%2BGROUP_site_iwprojects%2BOR%2BGROUP_site_iwprojects_SiteManager%2BOR%2BGROUP_site_operations-and-maintenance%2BOR%2BGROUP_site_operations-and-maintenance_SiteManager%2BOR%2BGROUP_site_region-connaught-and-ulster%2BOR%2BGROUP_site_region-connaught-and-ulster_SiteCollaborator%2BOR%2BGROUP_site_region-east-and-midlands%2BOR%2BGROUP_site_region-east-and-midlands_SiteCollaborator%2BOR%2BGROUP_site_region-south-la-file-share%2BOR%2BGROUP_site_region-south-la-file-share_SiteCollaborator%2BOR%2BGROUP_site_rm%2BOR%2BGROUP_site_rm_SiteManager%2BOR%2BGROUP_site_site-water-investment-approvals-committee%2BOR%2BGROUP_site_site-water-investment-approvals-committee_SiteCollaborator%2BOR%2BGROUP_site_test-public%2BOR%2BGROUP_site_test-public_SiteManager%2BOR%2BGROUP_site_testing-private%2BOR%2BGROUP_site_testing-private_SiteManager%2529)+OR+content_source:SharePoint&version=2&AuthenticatedUserName=
>>>>> vchauhan@iwater.ie} hits=11 status=0 QTime=10
>>>>>
>>>>>
>>>>> Note the following at the very end of the fq field:
>>>>> "+OR+content_source:SharePoint".  That will basically disable the entire
>>>>> rest of the filter and permit ALL documents through that were indexed
by
>>>>> SharePoint.  It should be "+AND+content_source:SharePoint".
>>>>>
>>>>> Karl
>>>>>
>>>>>
>>>>>
>>>>> On Mon, Aug 11, 2014 at 1:05 PM, lalit jangra <
>>>>> lalit.j.jangra@gmail.com> wrote:
>>>>>
>>>>>> Sure Karl,
>>>>>>
>>>>>> Can you let me know what type of logs you need?I am attaching part
of
>>>>>> solr.log for your reference.
>>>>>>
>>>>>> Regards.
>>>>>> On Aug 11, 2014 9:42 PM, "Karl Wright" <daddywri@gmail.com>
wrote:
>>>>>>
>>>>>>> Hi Lalit,
>>>>>>>
>>>>>>> Are you sure you are using the standard select query handler?
 In
>>>>>>> order to convince me, you will need to enable appropriate Solr
logging so I
>>>>>>> can see how a request is processed and whether the MCF solr plugin
is being
>>>>>>> called.
>>>>>>>
>>>>>>> Karl
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On Mon, Aug 11, 2014 at 11:59 AM, lalit jangra <
>>>>>>> lalit.j.jangra@gmail.com> wrote:
>>>>>>>
>>>>>>>> Thanks Karl,
>>>>>>>>
>>>>>>>> Below are my comments.
>>>>>>>>
>>>>>>>> 1. Your Solr query is in fact not hooked up to use the appropriate
>>>>>>>> MCF Solr plugin, in which case no security whatsoever is
being applied.
>>>>>>>> --- Below is snippet from solrconfig.xml from one of servers
with
>>>>>>>> MCF Solr plugin included and enabled with /select query handler
which i am
>>>>>>>> using for search. I assume i need not to provide full server
name for AuthorityServiceBaseURL
>>>>>>>> & instead localhost will work fine.
>>>>>>>>
>>>>>>>>
>>>>>>>> <!-- ManifoldCF document security enforcement component
-->
>>>>>>>>
>>>>>>>>   <queryParser name="manifoldCFSecurity"
>>>>>>>>
>>>>>>>>     class="org.apache.solr.mcf.ManifoldCFQParserPlugin">
>>>>>>>>
>>>>>>>>     <str name="AuthorityServiceBaseURL">
>>>>>>>> http://localhost:80/mcf-authority-service</str>
>>>>>>>>
>>>>>>>>     <int name="ConnectionPoolSize">50</int>
>>>>>>>>
>>>>>>>>   </queryParser>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>    <!-- ManifoldCF document security enforcement component
-->
>>>>>>>>
>>>>>>>>   <searchComponent name="manifoldCFSecurity"
>>>>>>>>
>>>>>>>>     class="org.apache.solr.mcf.ManifoldCFSearchComponent">
>>>>>>>>
>>>>>>>>     <str name="AuthorityServiceBaseURL">
>>>>>>>> http://localhost:80/mcf-authority-service</str>
>>>>>>>>
>>>>>>>>     <int name="ConnectionPoolSize">50</int>
>>>>>>>>
>>>>>>>>   </searchComponent>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>   <requestHandler name="/select" class="solr.SearchHandler">
>>>>>>>>
>>>>>>>>      <lst name="defaults">
>>>>>>>>
>>>>>>>>        <str name="echoParams">explicit</str>
>>>>>>>>
>>>>>>>>        <int name="rows">10000</int>
>>>>>>>>
>>>>>>>>        <str name="df">text</str>
>>>>>>>>
>>>>>>>>      </lst>
>>>>>>>>
>>>>>>>>          <lst name="appends">
>>>>>>>>
>>>>>>>>                 <str name="fq">{!manifoldCFSecurity}</str>
>>>>>>>>
>>>>>>>>          </lst>
>>>>>>>>
>>>>>>>>   </requestHandler>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> Below is one of queries built for same using AuthenticatedUserName
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> q=%22blue%22&q.op=OR&df=text&qt=%2Fselect&sort=score+desc&fq=content_source%3ASharePoint&AuthenticatedUserName=ljangra%
>>>>>>>> 40iwater.ie
>>>>>>>>
>>>>>>>>
>>>>>>>> 2. You are supposed to be able to see the documents, but
the URL
>>>>>>>> ManifoldCF is generating does not permit you to log into
SharePoint for
>>>>>>>> some reason.
>>>>>>>> -- If i go to the location of the search result, i am not
able to
>>>>>>>> see any document available there for me as per my permissions.
>>>>>>>>
>>>>>>>> 3. You indexed the documents with security "off", and so
no
>>>>>>>> security information was attached to the documents in Solr.
>>>>>>>> --- I have enabled security before starting the job as below.
>>>>>>>>
>>>>>>>>
>>>>>>>> Please suggest.
>>>>>>>>
>>>>>>>> Regards.
>>>>>>>>
>>>>>>>>
>>>>>>>> On Mon, Aug 11, 2014 at 5:17 PM, Karl Wright <daddywri@gmail.com>
>>>>>>>> wrote:
>>>>>>>>
>>>>>>>>> Hi Lalit,
>>>>>>>>>
>>>>>>>>> There are a number of possibilities.  You will need to
do some
>>>>>>>>> investigation to figure out which one it is.  Here are
the possibilities I
>>>>>>>>> see:
>>>>>>>>>
>>>>>>>>> (1) Your Solr query is in fact not hooked up to use the
>>>>>>>>> appropriate MCF Solr plugin, in which case no security
whatsoever is being
>>>>>>>>> applied.
>>>>>>>>> (2) You are supposed to be able to see the documents,
but the URL
>>>>>>>>> ManifoldCF is generating does not permit you to log into
SharePoint for
>>>>>>>>> some reason.
>>>>>>>>> (3) You indexed the documents with security "off", and
so no
>>>>>>>>> security information was attached to the documents in
Solr.
>>>>>>>>>
>>>>>>>>> Thanks,
>>>>>>>>> Karl
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> On Mon, Aug 11, 2014 at 7:30 AM, lalit jangra <
>>>>>>>>> lalit.j.jangra@gmail.com> wrote:
>>>>>>>>>
>>>>>>>>>> Hi,
>>>>>>>>>>
>>>>>>>>>> I am using MCF 1.5.1 and crawling SharePoint 2010
list items. I
>>>>>>>>>> have also placed MCF solr ACL plugin into solr instances
and updated
>>>>>>>>>> solrconfig.xml for same. I created a job to connect
to SharePoint and
>>>>>>>>>> indexed list items in solr.
>>>>>>>>>>
>>>>>>>>>> Next i am searching for content items from index
and what i could
>>>>>>>>>> see is that i am able to see search results for content
on which i do not
>>>>>>>>>> have any access. I can see these content into search
results but when i am
>>>>>>>>>> trying to aceess these content , i can getting SharePoint
access denied
>>>>>>>>>> error. Ideally if a user has no access to a content,
he should not be see
>>>>>>>>>> these content.
>>>>>>>>>>
>>>>>>>>>> Am i missing anything here?
>>>>>>>>>>
>>>>>>>>>> Regards,
>>>>>>>>>> Lalit.
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> --
>>>>>>>> Regards,
>>>>>>>> Lalit.
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>
>>>
>>
>>
>> --
>> Regards,
>> Lalit.
>>
>
>


-- 
Regards,
Lalit.

Mime
View raw message