El mié, 11-06-2008 a las 16:15 +0300, Jukka Zitting escribió: > Hi, > > On Wed, Jun 11, 2008 at 1:46 PM, Paco Avila <[EMAIL PROTECTED]> wrote: > > I want to ecnrypt the documents stored in the jackrabbit repository but > > i have a big problem: if I store an encrypted stream, the text > > extractors will fail to extract info from this encrypted stream. So, how > > can I store these encrypted documents and get indexed? > > Store unencrypted copies of the documents in the repository.
Yeah, but the problem is the same :) > What's the reason for storing the documents encrypted? If it's > security-related, note that even if users wouldn't have direct access > to the underlying index files, they'd still be able to deduce much of > the document contents by carefully crafted queries against the > repository. For example > /jcr:root/path/to/document[jcr:contains(.,'foo')] tells if a document > contains "foo". Ok, but he can't deduce the whole document using this approach. The problem is when an user access the server and can view the filesystem, and the documents are stored on it. If I encrypt these documents in the repository, no one can read the files out of jackrabbit. > If you still want to do this, one alternative would of course be to > write a custom text extractor that knows how to decrypt the documents > before passing them to the normal text extractors. Thanks, I was thinking to implement something like this. -- Paco Avila <[EMAIL PROTECTED]> GIT Consultors
