in < 1sec*
Thanks in advance
--
View this message in context:
http://lucene.472066.n3.nabble.com/Modelling-Access-Control-tp1756817p4017479.html
Sent from the Solr - User mailing list archive at Nabble.com.
ck Erickson
> Subject: Re: Modelling Access Control
> To: solr-user@lucene.apache.org
> Date: Saturday, October 30, 2010, 6:01 PM
> If that's in response to Lance's
> comment, the answer is that if you return
> autosuggest possibilities you effectively allow users to
>
If that's in response to Lance's comment, the answer is that if you return
autosuggest possibilities you effectively allow users to see data they
shouldn't. Imagine you have a field of the real names of spies. You only
want the persons way high up in the security chain to access these names and
you
"Son, don't touch that stove . . . .",
"OUCH! Hey Dad, I BURNED my hand on that stove, why didn't you tell me
that?!?#! You know I need to know WHY, not just DON'T!"
Dennis Gearon
> Very important: do not make a spelling or autosuggest index
> from a
> text field which some people can see and o
c.com.com/security/?p=4501&tag=nl.e036'
>>
>> EARTH has a Right To Life,
>> otherwise we all die.
>>
>>
>> --- On Mon, 10/25/10, Jonathan Rochkind wrote:
>>
>>> From: Jonathan Rochkind
>>> Subject: Re: Modelling Access Control
>&
gt; yourself. from
> 'http://blogs.techrepublic.com.com/security/?p=4501&tag=nl.e036'
>
> EARTH has a Right To Life,
> otherwise we all die.
>
>
> --- On Mon, 10/25/10, Jonathan Rochkind wrote:
>
>> From: Jonathan Rochkind
>> Subject: Re: Modelling Acc
ty/?p=4501&tag=nl.e036'
EARTH has a Right To Life,
otherwise we all die.
--- On Mon, 10/25/10, Jonathan Rochkind wrote:
> From: Jonathan Rochkind
> Subject: Re: Modelling Access Control
> To: "solr-user@lucene.apache.org"
> Date: Monday, October 25, 2010, 8:19 A
takes, so you do not have to make them
yourself. from 'http://blogs.techrepublic.com.com/security/?p=4501&tag=nl.e036'
EARTH has a Right To Life,
otherwise we all die.
--- On Mon, 10/25/10, Paul Carey wrote:
> From: Paul Carey
> Subject: Re: Modelling Acces
Dennis Gearon wrote:
why use filter queries?
Wouldn't reducing the set headed into the filters by putting it in the main
query be faster? (A question to learn, since I do NOT know :-)
No. At least as I understand it. In the best case, the filter query will
be a lot faster, because filter q
On Mon, Oct 25, 2010 at 8:16 AM, Paul Carey wrote:
> Many thanks for all the responses. I now plan on benchmarking and
> validating both the filter query approach, and maintaining the ACL
> entirely outside of Solr. I'll decide from there.
>
> Paul
>
Great.
I am looking forward for some feedba
Many thanks for all the responses. I now plan on benchmarking and
validating both the filter query approach, and maintaining the ACL
entirely outside of Solr. I'll decide from there.
Paul
Hi,
See SOLR-1872 for a way of providing access control, whilst placing
the ACL configuration itself outside of Solr, which is generally a
good idea.
http://www.lucidimagination.com/search/out?u=http://issues.apache.org/jira/browse/SOLR-1872
There are a number of ways to approach Access Contr
27;
>
> EARTH has a Right To Life,
> otherwise we all die.
>
>
> --- On Sat, 10/23/10, Israel Ekpo wrote:
>
> > From: Israel Ekpo
> > Subject: Re: Modelling Access Control
> > To: solr-user@lucene.apache.org
> > Date: Saturday, October 23, 2010, 7:01 A
do not have to make them
> yourself. from '
> http://blogs.techrepublic.com.com/security/?p=4501&tag=nl.e036'
>
> EARTH has a Right To Life,
> otherwise we all die.
>
>
> --- On Sat, 10/23/10, Dennis Gearon wrote:
>
> > From: Dennis Gearon
> > Sub
Gearon
> Subject: Re: Modelling Access Control
> To: solr-user@lucene.apache.org
> Date: Saturday, October 23, 2010, 11:49 AM
> Two things will lessen the solr
> admininstrative load :
>
> 1/ Follow examples of databases and *nix OSs. Give each
> user their own group, o
etter idea to learn from others’ mistakes, so you do not have to make them
yourself. from 'http://blogs.techrepublic.com.com/security/?p=4501&tag=nl.e036'
EARTH has a Right To Life,
otherwise we all die.
--- On Sat, 10/23/10, Israel Ekpo wrote:
> From: Israel Ekpo
> Subj
stakes, so you do not have to make them
yourself. from 'http://blogs.techrepublic.com.com/security/?p=4501&tag=nl.e036'
EARTH has a Right To Life,
otherwise we all die.
--- On Sat, 10/23/10, Paul Carey wrote:
> From: Paul Carey
> Subject: Modelling Access Control
> To: s
Hi Paul,
Regardless of how you implement it, I would recommend you use filter queries
for the permissions check rather than making it part of the main query.
On Sat, Oct 23, 2010 at 4:03 AM, Paul Carey wrote:
> Hi
>
> My domain model is made of users that have access to projects which
> are com
Hi
My domain model is made of users that have access to projects which
are composed of items. I'm hoping to use Solr and would like to make
sure that searches only return results for items that users have
access to.
I've looked over some of the older posts on this mailing list about
access contro
19 matches
Mail list logo
