[
https://issues.apache.org/jira/browse/SOLR-1895?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13116969#comment-13116969
]
Chris Male commented on SOLR-1895:
----------------------------------
Is the intention to go ahead and add this as a contrib? I really feel that is a
mistake.
{quote}
The most important to me is that great contributions like this are being
welcomed and brought out to Solr users somehow, whether the code lives here or
there from the start. As I have a few projects in the workings that need
non-mcf security filtering integration with Solr I'd be contributing to this
code base.
{quote}
Absolutely and by this code being in MCF, any MCF + Solr users will find it.
{quote}
Another way to think of contrib is as a great way to introduce people to
integration with components that may be of interest to their search app. A new
Solr user would browse contrib and think "I don't need dataImportHandler, or
clustering, but I could surely use extraction, langId and security". She may
not even be familiar with any of Carrot2, Tika or MCF in advance. Connectors
and security is important to more Solr users than e.g. clustering is, in my
experience.
{quote}
You have a valid point on the importance of some features over others, but that
doesn't mean we should have them all in Solr. Contrib shouldn't be a dropoff
point for everything that is related to Solr or Lucene, especially when there
are active projects with active committers where the code could live.
ManifoldCF seems to be all about Connectors and Security, so why should Solr
get into that?
> ManifoldCF SearchComponent plugin for enforcing ManifoldCF security at search
> time
> ----------------------------------------------------------------------------------
>
> Key: SOLR-1895
> URL: https://issues.apache.org/jira/browse/SOLR-1895
> Project: Solr
> Issue Type: New Feature
> Components: SearchComponents - other
> Reporter: Karl Wright
> Labels: document, security, solr
> Fix For: 3.5, 4.0
>
> Attachments: LCFSecurityFilter.java, LCFSecurityFilter.java,
> LCFSecurityFilter.java, LCFSecurityFilter.java, SOLR-1895-queries.patch,
> SOLR-1895-queries.patch, SOLR-1895-queries.patch, SOLR-1895-queries.patch,
> SOLR-1895-queries.patch, SOLR-1895-service-plugin.patch,
> SOLR-1895-service-plugin.patch, SOLR-1895.patch, SOLR-1895.patch,
> SOLR-1895.patch, SOLR-1895.patch, SOLR-1895.patch, SOLR-1895.patch
>
>
> I've written an LCF SearchComponent which filters returned results based on
> access tokens provided by LCF's authority service. The component requires
> you to configure the appropriate authority service URL base, e.g.:
> <!-- LCF document security enforcement component -->
> <searchComponent name="lcfSecurity" class="LCFSecurityFilter">
> <str
> name="AuthorityServiceBaseURL">http://localhost:8080/lcf-authority-service</str>
> </searchComponent>
> Also required are the following schema.xml additions:
> <!-- Security fields -->
> <field name="allow_token_document" type="string" indexed="true"
> stored="false" multiValued="true"/>
> <field name="deny_token_document" type="string" indexed="true"
> stored="false" multiValued="true"/>
> <field name="allow_token_share" type="string" indexed="true"
> stored="false" multiValued="true"/>
> <field name="deny_token_share" type="string" indexed="true" stored="false"
> multiValued="true"/>
> Finally, to tie it into the standard request handler, it seems to need to run
> last:
> <requestHandler name="standard" class="solr.SearchHandler" default="true">
> <arr name="last-components">
> <str>lcfSecurity</str>
> </arr>
> ...
> I have not set a package for this code. Nor have I been able to get it
> reviewed by someone as conversant with Solr as I would prefer. It is my
> hope, however, that this module will become part of the standard Solr 1.5
> suite of search components, since that would tie it in with LCF nicely.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org
