Hi, we are currently writing a repository connector for confluence. We are using the solr output connection on Solr 4.x. Seeding, versioning, processing works already and now we have to face security.
Compared to the already supported repositories by mcf, confluence seems to have a different security model. There are "Space" permissions for a whole wiki space and these can easily be mapped as shareAllowTokens but there are also page restrictions. Page restrictions are attached to each page (page = document) and page restrictions are inherited. See "Example of Child Page Restrictions" in the Confluence Doc: https://confluence.atlassian.com/display/DOC/Page+Restrictions The inheritance of page restrictions makes things difficult. If we are correct, than it is not sufficient to add the page restrictions as document level access tokens, because the query time filtering handels the user's access tokens (e.g. group memberships) as disjunction. Instead we probalby need a hierarchic, folder based structure of access tokens to map the inheritance of the page restrictions correctly. The current Solr SearchComponent does not support folder level access tokens and the book (mcf in action) says, that these kind of tokens are considered deprecated. To cut a long story short... we are stuck at the moment. Our questions: Did anyone already manage to map confluence security to mcf/solr? Or does somebody has an idea how a confluence-like security model can be mapped to mcf/solr? Thanks in advance Markus
