On Wed, 24 Jun 2009 23:20:26 -0700 (PDT) pof <melbournebeerba...@gmail.com> wrote:
> > Hi, I am wanting to add document-level security that works as following: An > external process makes a query to the index, depending on their security > allowences based of a login id a list of hits are returned minus any the > user are meant to know even exist. I was thinking maybe a custom filter with > a JDBC connection to check security of the user vs. the document. I'm not > sure how I would add the filter or how to write the filter or how to get the > login id from a GET parameter. Any suggestions, comments etc.? Hi Brett, (keeping in mind that i've been away from SOLR for 8 months, but i dont think this was added of late) standard approach is to manage security @ your application layer, not @ SOLR. ie, search, return documents (which should contain some kind of data to identify their ACL ) and then you can decide whether to show it or not. HIH _________________________ {Beto|Norberto|Numard} Meijome "They never open their mouths without subtracting from the sum of human knowledge." Thomas Brackett Reed I speak for myself, not my employer. Contents may be hot. Slippery when wet. Reading disclaimers makes you go blind. Writing them is worse. You have been Warned.