Have you looked at the Hibernate Search declarative filter feature which is some bells and whistles on top of the Lucene filter feature.
Typically you would keep the credential levels in the document and filter by the user's credential. On Wed, 2009-07-01 at 07:55 -0400, Bryan Doherty wrote: > Currently I am using Sybase with Hibernate for my database needs. I've been > implementing Hibernate Search (HS) and it works very well. I use Sybase > because of the Row Level Security package. But that is suddenly not valid > when using HS because it blindly indexes the data. Is there a way to > simulate Row Level Access on that indexed data? Meaning when whatever class > talks to that directory, it would know about the current user and search the > indexed data. If a piece of data matches, the class would check the > permissions(just extra fields), and if the user does NOT have permissions to > view that piece of data, it wouldn't even leave the index directory. > > I could implement something in Java land that would filter the data when it > is returned to whoever calls it but that goes against the security > requirements I am working with. > > Thanks > Bryan --------------------------------------------------------------------- To unsubscribe, e-mail: java-user-unsubscr...@lucene.apache.org For additional commands, e-mail: java-user-h...@lucene.apache.org
