manifoldcf-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Karl Wright <daddy...@gmail.com>
Subject Re: How to query for content with ACLs?
Date Fri, 13 Jun 2014 14:26:37 GMT
Hi Lalit,

You are going through the wrong query handler again:

      "
http://testirishwaterportal/irish-water/irish-water/Lists/IWList/DispForm.aspx?ID=1":
"\n1.0 = (MATCH) MatchAllDocsQuery, product of:\n  1.0 = queryNorm\n",
      "http://testirishwaterportal/irish-water/irish-water/Lists/IW
Annoucements/DispForm.aspx?ID=1": "\n1.0 = (MATCH) MatchAllDocsQuery,
product of:\n  1.0 = queryNorm\n",
      "http://testirishwaterportal/irish-water/irish-water/Lists/IW
Annoucements/DispForm.aspx?ID=2": "\n1.0 = (MATCH) MatchAllDocsQuery,
product of:\n  1.0 = queryNorm\n",
      "
http://testirishwaterportal/irish-water/DocumentLibrary/serverDetails.xlsx":
"\n1.0 = (MATCH) MatchAllDocsQuery, product of:\n  1.0 = queryNorm\n",
      "
http://testirishwaterportal/irish-water/Shared%20Documents/Alfresco-in-an-Hour.pdf":
"\n1.0 = (MATCH) MatchAllDocsQuery, product of:\n  1.0 = queryNorm\n",
      "
http://testirishwaterportal/irish-water/Shared%20Documents/alfresco_aiim_2006_05_16.ppt":
"\n1.0 = (MATCH) MatchAllDocsQuery, product of:\n  1.0 = queryNorm\n",
      "
http://testirishwaterportal/irish-water/DocumentLibrary/pptexamples.ppt":
"\n1.0 = (MATCH) MatchAllDocsQuery, product of:\n  1.0 = queryNorm\n",
      "
http://testirishwaterportal/irish-water/Lists/IW%20Annoucements/Attachments/2/spp.log":
"\n1.0 = (MATCH) MatchAllDocsQuery, product of:\n  1.0 = queryNorm\n",
      "
http://testirishwaterportal/irish-water/Lists/IWList/Attachments/1/Alfresco-in-an-Hour%20-%20Copy.pdf":
"\n1.0 = (MATCH) MatchAllDocsQuery, product of:\n  1.0 = queryNorm\n",
      "
http://testirishwaterportal/irish-water/Lists/IWList/Attachments/1/DevCon%20Revenue.pptx":
"\n1.0 = (MATCH) MatchAllDocsQuery, product of:\n  1.0 = queryNorm\n"


The Solr plugin query modification is not happening; it doesn't seem to be
getting applied now.  It was earlier, you must have turned it off.

Karl



On Fri, Jun 13, 2014 at 9:56 AM, lalit jangra <lalit.j.jangra@gmail.com>
wrote:

> Thanks Karl,
>
> After resetting everything again, now i could see content with ACL posted
> to solr as per your instructions. Thanks again for this.I am attaching
> solr.log.
>
> But still i am not able to see any content using /select query handler &
> attached Select.log for same.
>
> While using /query request handler, i can see results with ACL but
> whatever name i provide, it returns all results so effectively ACL not
> working, attached Query.log for same.
>
> Can you please guide.
>
> Regards.
>
>
> On Fri, Jun 13, 2014 at 1:37 PM, Karl Wright <daddywri@gmail.com> wrote:
>
>> I wonder if this is a Luke bug?
>> The access tokens might well have a form that Luke doesn't like to
>> display.  That is the only thing that's making any sense to me at the
>> moment.
>>
>> Karl
>>
>>
>>
>> On Fri, Jun 13, 2014 at 8:29 AM, Karl Wright <daddywri@gmail.com> wrote:
>>
>>>
>>> FWIW, your authority setup seems to be working properly, and the query
>>> generator is working properly too.  Only the acls are messed up.
>>>
>>> This is the interesting bit:
>>>
>>> "allow_token_document": [
>>>
>>>           "SP+KW:"]
>>>
>>>
>>> It looks like a blank access token is being fetched for this list item,
>>> which does not make any sense to me.  And yet we saw access tokens before,
>>> correct?
>>>
>>>
>>> Karl
>>>
>>>
>>>
>>> On Fri, Jun 13, 2014 at 8:22 AM, Karl Wright <daddywri@gmail.com> wrote:
>>>
>>>> Hi Lalit,
>>>>
>>>> It is clear that your access tokens have not been actually indexed.
>>>> But I remember seeing that they were correctly posted to Solr.  So now I
am
>>>> confused.
>>>>
>>>> Can you please do the following:
>>>> - Click the "reindex all documents" button in the MCF view page for
>>>> your output connection
>>>> - Start your job
>>>> - Send me the Solr info output about what has been posted
>>>>
>>>> When that is done, if what is posted looks correct, you SHOULD have a
>>>> Solr index that has ACLs in it.
>>>> If it does not look correct, we will have to go back and look at your
>>>> connections etc. to see why the acls are not being fetched.
>>>>
>>>> Thanks,
>>>> Karl
>>>>
>>>>
>>>> On Fri, Jun 13, 2014 at 8:16 AM, lalit jangra <lalit.j.jangra@gmail.com
>>>> > wrote:
>>>>
>>>>> Hi Again,
>>>>>
>>>>> I used /query for debugging & using
>>>>>
>>>>>
>>>>> http://localhost:8983/solr/collection1/query?q=*%3A*&wt=json&indent=true&AuthenticatedUserName=ljangra@water.com
>>>>> <http://localhost:8983/solr/collection1/query?q=*%3A*&wt=json&indent=true&AuthenticatedUserName=ljangra@iwater.ie>
>>>>>
>>>>>
>>>>>
>>>>> <http://localhost:8983/solr/collection1/query?q=*%3A*&wt=json&indent=true&AuthenticatedUserName=ljangra@iwater.ie>I
>>>>> could see below results without much information about ACLs.
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>         "deny_token_document": [
>>>>>
>>>>>           "SP+KW:DEAD_AUTHORITY"
>>>>>
>>>>>         ],
>>>>>
>>>>>         "id": "
>>>>> http://testhwaterportal/water/Lists/IWList/DispForm.aspx?ID=1
>>>>> <http://testirishwaterportal/irish-water/irish-water/Lists/IWList/DispForm.aspx?ID=1>
>>>>> ",
>>>>>
>>>>>         "allow_token_document": [
>>>>>
>>>>>           "SP+KW:"
>>>>>
>>>>>         ],
>>>>>
>>>>>         "content": [
>>>>>
>>>>>           " \n \n  \n  \n  \n  \n  \n  \n  \n \n   "
>>>>>
>>>>>         ],
>>>>>
>>>>>         "_version_": 1470790301540941800,
>>>>>
>>>>>         "allow_token_share": [
>>>>>
>>>>>           "__nosecurity__"
>>>>>
>>>>>         ],
>>>>>
>>>>>         "deny_token_share": [
>>>>>
>>>>>           "__nosecurity__"
>>>>>
>>>>>         ]
>>>>>       }
>>>>>
>>>>>
>>>>>
>>>>> On Fri, Jun 13, 2014 at 12:54 PM, Ahmet Arslan <iorixxx@yahoo.com>
>>>>> wrote:
>>>>>
>>>>>> Hi  Lalit,
>>>>>>
>>>>>> regarding "As i could not see any document in solr query,"
>>>>>>
>>>>>> Here is the best practise that I use :
>>>>>>
>>>>>> I configure /select request handler (RH) with mcfQParser, intended
to
>>>>>> use in production, default RH.
>>>>>>
>>>>>> I also use /query RH without mcfQParser, for debugging purposes.
>>>>>>
>>>>>> http://localhost:8983/solr/collection1/query?q=*%3A*&wt=json&indent=true&fl=allow*
>>>>>>
>>>>>> Ahmet
>>>>>>
>>>>>>
>>>>>>   On Friday, June 13, 2014 2:30 PM, lalit jangra <
>>>>>> lalit.j.jangra@gmail.com> wrote:
>>>>>>
>>>>>>
>>>>>>  Thanks Karl,
>>>>>>
>>>>>> As i could not see any document in solr query, i used Luke to open
>>>>>> index and i could see below values for all MCF plugin fields for
all
>>>>>> documents. These are something different from previous values.
>>>>>>
>>>>>> allow_token_document  = SP+KW:
>>>>>> allow_token_share = __nosecurity__
>>>>>> deny_token_document  = SP+KW:DEAD_AUTHORITY
>>>>>> allow_token_share = __nosecurity__
>>>>>>
>>>>>> I think something or a lot of things missing here. I am attaching
zip
>>>>>> of solr index(very small one with 10 documents from sharepoint) here.
>>>>>> Please guide.
>>>>>>
>>>>>> Regards.
>>>>>>
>>>>>>
>>>>>>
>>>>>> On Fri, Jun 13, 2014 at 11:57 AM, Karl Wright <daddywri@gmail.com>
>>>>>> wrote:
>>>>>>
>>>>>> Hi Lalit,
>>>>>>
>>>>>> Can you show me somehow some of the the ACLs that have been indexed
>>>>>> with your documents?  The only other potential issue might be that
your
>>>>>> repository connection(s) may not be part of the same authority groups
as
>>>>>> your authority connections.  In that case, the indexed authority
tokens
>>>>>> will have a different prefix (e.g. SP+KW in one case, something else
in the
>>>>>> other).
>>>>>>
>>>>>> Karl
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> On Fri, Jun 13, 2014 at 6:40 AM, lalit jangra <
>>>>>> lalit.j.jangra@gmail.com> wrote:
>>>>>>
>>>>>> Hi Again,
>>>>>>
>>>>>> As per Karl's suggestion, i am now converting user from water.com\ljangra
>>>>>> to ljangra@water.com. Also referring to http://localhost:8345/mcf-authority-service/UserACLs?username=ljangra@water.com
>>>>>>
>>>>>>
>>>>>> <http://localhost:8345/mcf-authority-service/UserACLs?username=ljangra@iwater.ie>
>>>>>> I can see below ACL.
>>>>>> AUTHORIZED:SP+K+Conn
>>>>>> TOKEN:SP+KW:Ui%3A0%23.w%7Ciwater.ie%255cljangra
>>>>>> TOKEN:SP+KW:Uc%3A0%2B.w%7Cs-1-5-32-545
>>>>>>
>>>>>> TOKEN:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-15263
>>>>>> TOKEN:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-513
>>>>>>
>>>>>> TOKEN:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-13472
>>>>>> TOKEN:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-3182
>>>>>> TOKEN:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-1619
>>>>>> TOKEN:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-1813
>>>>>>
>>>>>> TOKEN:SP+KW:Ui%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-12149
>>>>>> TOKEN:SP+KW:Uc%3A0%21.s%7Cwindows
>>>>>>
>>>>>> Still i am not able to see any results from query
>>>>>>
>>>>>> http://localhost:8983/solr/collection1/select?q=*%3A*&wt=json&indent=true&debugQuery=true&AuthenticatedUserName=ljangra@water.com
>>>>>> <http://localhost:8983/solr/collection1/select?q=*%3A*&wt=json&indent=true&debugQuery=true&AuthenticatedUserName=ljangra@iwater.ie>
>>>>>> . While debugging query i can see ACL doing fine. So i am confused
>>>>>> why its now working. Can you please help.
>>>>>>
>>>>>> "parsed_filter_queries": [
>>>>>>       "ConstantScore(+((+allow_token_share:__nosecurity__
>>>>>> +deny_token_share:__nosecurity__)
>>>>>> allow_token_share:SP+KW:Ui%3A0%23.w%7Ciwater.ie%255cljangra
>>>>>> -deny_token_share:SP+KW:Ui%3A0%23.w%7Ciwater.ie%255cljangra
>>>>>> allow_token_share:SP+KW:Uc%3A0%2B.w%7Cs-1-5-32-545
>>>>>> -deny_token_share:SP+KW:Uc%3A0%2B.w%7Cs-1-5-32-545
>>>>>> allow_token_share:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-15263
>>>>>> -deny_token_share:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-15263
>>>>>> allow_token_share:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-513
>>>>>> -deny_token_share:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-513
>>>>>> allow_token_share:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-13472
>>>>>> -deny_token_share:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-13472
>>>>>> allow_token_share:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-3182
>>>>>> -deny_token_share:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-3182
>>>>>> allow_token_share:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-1619
>>>>>> -deny_token_share:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-1619
>>>>>> allow_token_share:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-1813
>>>>>> -deny_token_share:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-1813
>>>>>> allow_token_share:SP+KW:Ui%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-12149
>>>>>> -deny_token_share:SP+KW:Ui%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-12149
>>>>>> allow_token_share:SP+KW:Uc%3A0%21.s%7Cwindows
>>>>>> -deny_token_share:SP+KW:Uc%3A0%21.s%7Cwindows)
>>>>>> +((+allow_token_document:__nosecurity__
>>>>>> +deny_token_document:__nosecurity__)
>>>>>> allow_token_document:SP+KW:Ui%3A0%23.w%7Ciwater.ie%255cljangra
>>>>>> -deny_token_document:SP+KW:Ui%3A0%23.w%7Ciwater.ie%255cljangra
>>>>>> allow_token_document:SP+KW:Uc%3A0%2B.w%7Cs-1-5-32-545
>>>>>> -deny_token_document:SP+KW:Uc%3A0%2B.w%7Cs-1-5-32-545
>>>>>> allow_token_document:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-15263
>>>>>> -deny_token_document:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-15263
>>>>>> allow_token_document:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-513
>>>>>> -deny_token_document:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-513
>>>>>> allow_token_document:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-13472
>>>>>> -deny_token_document:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-13472
>>>>>> allow_token_document:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-3182
>>>>>> -deny_token_document:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-3182
>>>>>> allow_token_document:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-1619
>>>>>> -deny_token_document:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-1619
>>>>>> allow_token_document:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-1813
>>>>>> -deny_token_document:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-1813
>>>>>> allow_token_document:SP+KW:Ui%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-12149
>>>>>> -deny_token_document:SP+KW:Ui%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-12149
>>>>>> allow_token_document:SP+KW:Uc%3A0%21.s%7Cwindows
>>>>>> -deny_token_document:SP+KW:Uc%3A0%21.s%7Cwindows))"
>>>>>>     ],
>>>>>>
>>>>>> Finally solr.log also seems to be fine.
>>>>>>
>>>>>> INFO  - 2014-06-13 11:38:19.862;
>>>>>> org.apache.solr.mcf.ManifoldCFQParserPlugin$ManifoldCFQueryParser;
Trying
>>>>>> to match docs for user '[:ljangra@water.com]'
>>>>>> INFO  - 2014-06-13 11:38:19.909;
>>>>>> org.apache.solr.mcf.ManifoldCFQParserPlugin$ManifoldCFQueryParser;
Saw
>>>>>> authority response AUTHORIZED:SP+K+Conn
>>>>>> INFO  - 2014-06-13 11:38:19.909; org.apache.solr.core.SolrCore;
>>>>>> [collection1] webapp=/solr path=/select
>>>>>> params={indent=true&q=*:*&_=1402655899834&wt=json&AuthenticatedUserName=
>>>>>> ljangra@water.com} hits=0 status=0 QTime=47
>>>>>>
>>>>>> Regards.
>>>>>>
>>>>>>
>>>>>> On Fri, Jun 13, 2014 at 12:13 AM, Ahmet Arslan <iorixxx@yahoo.com>
>>>>>> wrote:
>>>>>>
>>>>>> Hi Lalit,
>>>>>>
>>>>>> It makes more sense to use appends section rather than defaults
>>>>>> section when defining mcf query parser plugin in fq parameter.
>>>>>>
>>>>>> <lst name="appends">
>>>>>>  <str name="fq">{!manifoldCFSecurity}</str>
>>>>>> </lst>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>   On Friday, June 13, 2014 12:51 AM, lalit jangra <
>>>>>> lalit.j.jangra@gmail.com> wrote:
>>>>>>
>>>>>>
>>>>>>  Hi Ahmet,
>>>>>>
>>>>>> I have configured solrconfig.xml as per your suggestion.
>>>>>>
>>>>>>  <requestHandler name="/select" class="solr.SearchHandler">
>>>>>>     <!-- default values for query parameters can be specified,
these
>>>>>>          will be overridden by parameters in the request
>>>>>>       -->
>>>>>>      <lst name="defaults">
>>>>>>        <str name="echoParams">explicit</str>
>>>>>>        <int name="rows">1000</int>
>>>>>>        <str name="df">text</str>
>>>>>>        <str name="fq">{!manifoldCFSecurity}</str>
>>>>>>      </lst>
>>>>>> ....
>>>>>> </requestHandler>
>>>>>>
>>>>>>
>>>>>> Next i am running a job which indexes sharepoint content in solr
but
>>>>>> when i am searching in solr, i am getting not results & getting
>>>>>> UNREACHABLEAUTHORITY message.
>>>>>>
>>>>>> INFO  - 2014-06-12 22:22:29.944;
>>>>>> org.apache.solr.core.SolrDeletionPolicy; SolrDeletionPolicy.onCommit:
>>>>>> commits: num=2
>>>>>>
>>>>>> commit{dir=NRTCachingDirectory(org.apache.lucene.store.MMapDirectory@C:\solr-4.6.0\example\solr\collection1\data\index
>>>>>> lockFactory=org.apache.lucene.store.NativeFSLockFactory@3971846;
>>>>>> maxCacheMB=48.0 maxMergeSizeMB=4.0),segFN=segments_1,generation=1}
>>>>>>
>>>>>> commit{dir=NRTCachingDirectory(org.apache.lucene.store.MMapDirectory@C:\solr-4.6.0\example\solr\collection1\data\index
>>>>>> lockFactory=org.apache.lucene.store.NativeFSLockFactory@3971846;
>>>>>> maxCacheMB=48.0 maxMergeSizeMB=4.0),segFN=segments_2,generation=2}
>>>>>> INFO  - 2014-06-12 22:22:29.944;
>>>>>> org.apache.solr.core.SolrDeletionPolicy; newest commit generation
= 2
>>>>>> INFO  - 2014-06-12 22:22:29.960;
>>>>>> org.apache.solr.search.SolrIndexSearcher; Opening Searcher@5ac787b0
>>>>>> main
>>>>>> INFO  - 2014-06-12 22:22:29.975;
>>>>>> org.apache.solr.update.DirectUpdateHandler2; end_commit_flush
>>>>>> INFO  - 2014-06-12 22:22:29.975;
>>>>>> org.apache.solr.core.QuerySenderListener; QuerySenderListener sending
>>>>>> requests to Searcher@5ac787b0
>>>>>> main{StandardDirectoryReader(segments_2:3:nrt _0(4.6):C10)}
>>>>>> INFO  - 2014-06-12 22:22:29.975;
>>>>>> org.apache.solr.core.QuerySenderListener; QuerySenderListener done.
>>>>>> INFO  - 2014-06-12 22:22:29.975; org.apache.solr.core.SolrCore;
>>>>>> [collection1] Registered new searcher Searcher@5ac787b0
>>>>>> main{StandardDirectoryReader(segments_2:3:nrt _0(4.6):C10)}
>>>>>> INFO  - 2014-06-12 22:22:29.975;
>>>>>> org.apache.solr.update.processor.LogUpdateProcessor; [collection1]
>>>>>> webapp=/solr path=/update/extract params={commit=true&wt=xml&version=2.2}
>>>>>> {commit=} 0 265
>>>>>> INFO  - 2014-06-12 22:22:35.663;
>>>>>> org.apache.solr.servlet.SolrDispatchFilter; [admin] webapp=null
>>>>>> path=/admin/cores params={indexInfo=false&_=1402608155643&wt=json}
status=0
>>>>>> QTime=0
>>>>>> INFO  - 2014-06-12 22:22:35.741;
>>>>>> org.apache.solr.servlet.SolrDispatchFilter; [admin] webapp=null
>>>>>> path=/admin/info/system params={_=1402608155681&wt=json} status=0
QTime=15
>>>>>> INFO  - 2014-06-12 22:22:36.960;
>>>>>> org.apache.solr.mcf.ManifoldCFQParserPlugin$ManifoldCFQueryParser;
Default
>>>>>> no-user response (open documents only)
>>>>>> INFO  - 2014-06-12 22:22:36.976; org.apache.solr.core.SolrCore;
>>>>>> [collection1] webapp=/solr path=/select
>>>>>> params={indent=true&q=*:*&_=1402608156947&wt=json} hits=0
status=0 QTime=16
>>>>>> INFO  - 2014-06-12 22:22:40.569;
>>>>>> org.apache.solr.mcf.ManifoldCFQParserPlugin$ManifoldCFQueryParser;
Trying
>>>>>> to match docs for user '[:ljangra@water.com]'
>>>>>> INFO  - 2014-06-12 22:22:40.726;
>>>>>> org.apache.solr.mcf.ManifoldCFQParserPlugin$ManifoldCFQueryParser;
Saw
>>>>>> authority response UNREACHABLEAUTHORITY:SsharepointAuthority
>>>>>> INFO  - 2014-06-12 22:22:40.726; org.apache.solr.core.SolrCore;
>>>>>> [collection1] webapp=/solr path=/select
>>>>>> params={indent=true&q=*:*&_=1402608160548&wt=json&AuthenticatedUserName=
>>>>>> ljangra@water.com} hits=0 status=0 QTime=157
>>>>>>
>>>>>> UNREACHABLEAUTHORITY means name of an authority that was found to
be
>>>>>> unreachable or unusable but i am having same authority working fine
in MCF.
>>>>>>
>>>>>>
>>>>>> Please help.
>>>>>>
>>>>>> Regards.
>>>>>>
>>>>>>
>>>>>>
>>>>>> On Thu, Jun 12, 2014 at 9:26 PM, Ahmet Arslan <iorixxx@yahoo.com>
>>>>>> wrote:
>>>>>>
>>>>>> Hi Karl,
>>>>>>
>>>>>> May be we should use
>>>>>>
>>>>>>  <requestHandler name="/select" class="solr.SearchHandler">
>>>>>>
>>>>>> in
>>>>>> https://svn.apache.org/repos/asf/manifoldcf/integration/solr-4.x/trunk/README.txt
>>>>>>
>>>>>> To avoid confusion?
>>>>>>
>>>>>> What do you think?
>>>>>>
>>>>>>
>>>>>>   On Thursday, June 12, 2014 11:12 PM, Karl Wright <
>>>>>> daddywri@gmail.com> wrote:
>>>>>>
>>>>>>
>>>>>> What does your solrconfig.xml file look like?
>>>>>> Karl
>>>>>>
>>>>>>
>>>>>> On Thu, Jun 12, 2014 at 2:58 PM, lalit jangra <
>>>>>> lalit.j.jangra@gmail.com> wrote:
>>>>>>
>>>>>> Hi Ahmet,
>>>>>>
>>>>>> I tried the way you suggested but its not working. My solr query
is
>>>>>> as below.
>>>>>>
>>>>>>
>>>>>> http://localhost:8983/solr/collection1/select?q=*%3A*&wt=json&indent=true&AuthenticatedUserName=ljangra@domain.entp
>>>>>>
>>>>>> Whatever name i am passing as AuthenticatedUserName, it returning
all
>>>>>> results.
>>>>>>
>>>>>> I have indexed my documents using mcf-solr plugin using instructions
>>>>>> @
>>>>>> https://svn.apache.org/repos/asf/manifoldcf/integration/solr-4.x/trunk/README.txt.
>>>>>> Below are some of ACL stored in solr. Am i missing something?
>>>>>>
>>>>>> "_version_": 1470562493875093500,
>>>>>>         "allow_token_share": [
>>>>>>           "__nosecurity__"
>>>>>>         ],
>>>>>>         "deny_token_share": [
>>>>>>           "__nosecurity__"
>>>>>>         ]
>>>>>>       },
>>>>>>       {
>>>>>>         "content_name": "Alfresco-in-an-Hour.pdf"
>>>>>>         "deny_token_document": [
>>>>>>           "SP+Group:DEAD_AUTHORITY"
>>>>>>         ],
>>>>>>         "allow_token_document": [
>>>>>>           "SP+Group:GTest+lalit+Portal+Visitors",
>>>>>>           "SP+Group:GTest+lalit+Portal+Owners",
>>>>>>           "SP+Group:GRestricted+Readers",
>>>>>>           "SP+Group:GTest+lalit+Administrators",
>>>>>>           "SP+Group:GTest+lalit+Portal+Members",
>>>>>>           "SP+Group:Uc%3A0%28.s%7Ctrue",
>>>>>>           "SP+Group:GHierarchy+Managers",
>>>>>>           "SP+Group:GApprovers",
>>>>>>           "SP+Group:GViewers",
>>>>>>           "SP+Group:GDesigners"
>>>>>>         ],
>>>>>>         "content_modified_date": "2014-06-04T00:00:00Z",
>>>>>>
>>>>>>
>>>>>>
>>>>>>                   SDD
>>>>>>
>>>>>>
>>>>>>                    "_version_": 1470564182244982800
>>>>>>       },
>>>>>>       {
>>>>>>         "deny_token_share": [
>>>>>>           "AD+Group:DEAD_AUTHORITY"
>>>>>>         ],
>>>>>>         "content_name": "hekko.txt",
>>>>>>         "content_modifier": "iwater.ie\\ljangra",
>>>>>>         "deny_token_document": [
>>>>>>           "AD+Group:DEAD_AUTHORITY"
>>>>>>         ],
>>>>>>                "id": "
>>>>>> file://///10.231.82.15/AlfrescoInstallers/manifoldtest/hekko.txt",
>>>>>>         "allow_token_document": [
>>>>>>           "AD+Group:S-1-5-18",
>>>>>>           "AD+Group:S-1-5-21-2630432783-15384281-2988178474-12088",
>>>>>>           "AD+Group:S-1-5-21-2630432783-15384281-2988178474-12147",
>>>>>>           "AD+Group:S-1-5-21-2630432783-15384281-2988178474-12148",
>>>>>>           "AD+Group:S-1-5-21-2630432783-15384281-2988178474-12149",
>>>>>>           "AD+Group:S-1-5-21-2630432783-15384281-2988178474-12150",
>>>>>>           "AD+Group:S-1-5-21-2630432783-15384281-2988178474-12217",
>>>>>>           "AD+Group:S-1-5-21-2630432783-15384281-2988178474-15154",
>>>>>>           "AD+Group:S-1-5-21-2630432783-15384281-2988178474-8005",
>>>>>>           "AD+Group:S-1-5-32-544"
>>>>>>         ],
>>>>>>
>>>>>>         "allow_token_share": [
>>>>>>           "AD+Group:S-1-1-0",
>>>>>>           "AD+Group:S-1-5-32-544"
>>>>>>         ],
>>>>>>
>>>>>>
>>>>>>                 CMIS
>>>>>>
>>>>>>                 "allow_token_share": [
>>>>>>           "__nosecurity__"
>>>>>>         ],
>>>>>>         "deny_token_document": [
>>>>>>           "__nosecurity__"
>>>>>>         ],
>>>>>>         "deny_token_share": [
>>>>>>           "__nosecurity__"
>>>>>>         ],
>>>>>>         "allow_token_document": [
>>>>>>           "__nosecurity__"
>>>>>>         ]
>>>>>>
>>>>>> Regards.
>>>>>>
>>>>>>
>>>>>>
>>>>>> On Thu, Jun 12, 2014 at 3:01 PM, Ahmet Arslan <iorixxx@yahoo.com>
>>>>>> wrote:
>>>>>>
>>>>>> Hi,
>>>>>>
>>>>>> As documented here
>>>>>> https://svn.apache.org/repos/asf/manifoldcf/integration/solr-4.x/trunk/README.txt
>>>>>>
>>>>>> "At a minimum, AuthenticatedUserName must be present in order"
>>>>>>
>>>>>>
>>>>>> This is a URL parameter, just like Solr params. Here is an example.
>>>>>>
>>>>>>
>>>>>> http://localhost:8983/solr/documents/select?q=*%3A*&wt=xml&AuthenticatedUserName=ahmet@g-b.entp&facet=on&facet.field=Content-Type
>>>>>> <http://localhost:8983/solr/documents/select?q=*%3A*&wt=xml&debugQuery=true&AuthenticatedUserName=ahmet@g-b.entp&facet=on&facet.field=Content-Type>
>>>>>>
>>>>>>
>>>>>>   On Thursday, June 12, 2014 4:28 PM, lalit jangra <
>>>>>> lalit.j.jangra@gmail.com> wrote:
>>>>>>
>>>>>>
>>>>>>  Hi All,
>>>>>>
>>>>>> As continuing from
>>>>>> http://lucene.472066.n3.nabble.com/How-to-query-for-content-with-ACLs-td4141402.html
>>>>>> as per Ahmet's suggestion.
>>>>>>
>>>>>> I have setup mcf-solr4x-plugin in MCF 1.5.1 and i can see ACLs
>>>>>> indexed into solr indexes.
>>>>>>
>>>>>> Now i want to write Solr query to put a user's permission details
>>>>>> into in it which can be compared to ACL stored in solr and only those
>>>>>> results will be returned to user on which he has been assigned ACL.
>>>>>>
>>>>>> How can i do this?  Can i use MCF filter  below here or do i need
to
>>>>>> write custom query for my need?
>>>>>>
>>>>>> <requestHandler name="search" class="solr.SearchHandler"
>>>>>> default="true">
>>>>>>   <lst name="appends">
>>>>>>     <str name="fq">{!manifoldCFSecurity}</str>
>>>>>>   </lst>
>>>>>> </requestHandler>
>>>>>>
>>>>>> Please help.
>>>>>>
>>>>>> Regards,
>>>>>> Lalit Jangra.
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>> Regards,
>>>>>> Lalit Jangra.
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>> Regards,
>>>>>> Lalit Jangra.
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>> Regards,
>>>>>> Lalit Jangra.
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>> Regards,
>>>>>> Lalit Jangra.
>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> Regards,
>>>>> Lalit Jangra.
>>>>>
>>>>
>>>>
>>>
>>
>
>
> --
> Regards,
> Lalit Jangra.
>

Mime
View raw message