The idea would be to create an own TokenFilter that encrypt the email tokens. If you use this filter in addition to the other TokenFilter only for the query side, but not the indexing chain, you can easiliy do this. During indexing, the tokens are left unchanged (encrypted). On the search side, the user input for that field is automatically encrypted during tokenization and the index is searched for the encrypted email.
----- Uwe Schindler H.-H.-Meier-Allee 63, D-28213 Bremen http://www.thetaphi.de <http://www.thetaphi.de/> eMail: [email protected] From: arekanderu [mailto:[email protected]] Sent: Sunday, October 10, 2010 5:17 PM To: [email protected] Subject: encrypted data and mcrypt plugin Hello, I have a users mysql table and one of the columns is the email address of the user. For security reasons all emails are kept encrypted (with the use of mcrypt library) inside the database. Unfortunately this creates a problem when solr indexes the user data. The solution i can think of is to create a solr plugin/filter to decrypt the email address before indexing but that kinda defeats the whole purpose of the encryption in the first place. The other thing i thought of is to encrypt the email before i submit it to solr for querying but in that way i can only search for exact matches. I am looking for any input on this and I am also willing to pay for the development of a plugin which will handle the decryption of the email before it gets indexed - if that's a good idea in the first place -. Thank you for any replies
