manifoldcf-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From lalit jangra <lalit.j.jan...@gmail.com>
Subject Re: How to query for content with ACLs?
Date Fri, 13 Jun 2014 14:57:49 GMT
Hi Karl,

I have tried with /select, /query & /search but not getting appropriate
results. Which query handler should i use here.

I am also attaching solrconfig.xml.

Regards.


On Fri, Jun 13, 2014 at 3:26 PM, Karl Wright <daddywri@gmail.com> wrote:

> Hi Lalit,
>
> You are going through the wrong query handler again:
>
>       "
> http://testirishwaterportal/irish-water/irish-water/Lists/IWList/DispForm.aspx?ID=1":
> "\n1.0 = (MATCH) MatchAllDocsQuery, product of:\n  1.0 = queryNorm\n",
>       "http://testirishwaterportal/irish-water/irish-water/Lists/IW
> Annoucements/DispForm.aspx?ID=1": "\n1.0 = (MATCH) MatchAllDocsQuery,
> product of:\n  1.0 = queryNorm\n",
>       "http://testirishwaterportal/irish-water/irish-water/Lists/IW
> Annoucements/DispForm.aspx?ID=2": "\n1.0 = (MATCH) MatchAllDocsQuery,
> product of:\n  1.0 = queryNorm\n",
>       "
> http://testirishwaterportal/irish-water/DocumentLibrary/serverDetails.xlsx":
> "\n1.0 = (MATCH) MatchAllDocsQuery, product of:\n  1.0 = queryNorm\n",
>       "
> http://testirishwaterportal/irish-water/Shared%20Documents/Alfresco-in-an-Hour.pdf":
> "\n1.0 = (MATCH) MatchAllDocsQuery, product of:\n  1.0 = queryNorm\n",
>       "
> http://testirishwaterportal/irish-water/Shared%20Documents/alfresco_aiim_2006_05_16.ppt":
> "\n1.0 = (MATCH) MatchAllDocsQuery, product of:\n  1.0 = queryNorm\n",
>       "
> http://testirishwaterportal/irish-water/DocumentLibrary/pptexamples.ppt":
> "\n1.0 = (MATCH) MatchAllDocsQuery, product of:\n  1.0 = queryNorm\n",
>       "
> http://testirishwaterportal/irish-water/Lists/IW%20Annoucements/Attachments/2/spp.log":
> "\n1.0 = (MATCH) MatchAllDocsQuery, product of:\n  1.0 = queryNorm\n",
>       "
> http://testirishwaterportal/irish-water/Lists/IWList/Attachments/1/Alfresco-in-an-Hour%20-%20Copy.pdf":
> "\n1.0 = (MATCH) MatchAllDocsQuery, product of:\n  1.0 = queryNorm\n",
>       "
> http://testirishwaterportal/irish-water/Lists/IWList/Attachments/1/DevCon%20Revenue.pptx":
> "\n1.0 = (MATCH) MatchAllDocsQuery, product of:\n  1.0 = queryNorm\n"
>
>
> The Solr plugin query modification is not happening; it doesn't seem to be
> getting applied now.  It was earlier, you must have turned it off.
>
> Karl
>
>
>
> On Fri, Jun 13, 2014 at 9:56 AM, lalit jangra <lalit.j.jangra@gmail.com>
> wrote:
>
>> Thanks Karl,
>>
>> After resetting everything again, now i could see content with ACL posted
>> to solr as per your instructions. Thanks again for this.I am attaching
>> solr.log.
>>
>> But still i am not able to see any content using /select query handler &
>> attached Select.log for same.
>>
>> While using /query request handler, i can see results with ACL but
>> whatever name i provide, it returns all results so effectively ACL not
>> working, attached Query.log for same.
>>
>> Can you please guide.
>>
>> Regards.
>>
>>
>> On Fri, Jun 13, 2014 at 1:37 PM, Karl Wright <daddywri@gmail.com> wrote:
>>
>>> I wonder if this is a Luke bug?
>>> The access tokens might well have a form that Luke doesn't like to
>>> display.  That is the only thing that's making any sense to me at the
>>> moment.
>>>
>>> Karl
>>>
>>>
>>>
>>> On Fri, Jun 13, 2014 at 8:29 AM, Karl Wright <daddywri@gmail.com> wrote:
>>>
>>>>
>>>> FWIW, your authority setup seems to be working properly, and the query
>>>> generator is working properly too.  Only the acls are messed up.
>>>>
>>>> This is the interesting bit:
>>>>
>>>> "allow_token_document": [
>>>>
>>>>           "SP+KW:"]
>>>>
>>>>
>>>> It looks like a blank access token is being fetched for this list item,
>>>> which does not make any sense to me.  And yet we saw access tokens before,
>>>> correct?
>>>>
>>>>
>>>> Karl
>>>>
>>>>
>>>>
>>>> On Fri, Jun 13, 2014 at 8:22 AM, Karl Wright <daddywri@gmail.com>
>>>> wrote:
>>>>
>>>>> Hi Lalit,
>>>>>
>>>>> It is clear that your access tokens have not been actually indexed.
>>>>> But I remember seeing that they were correctly posted to Solr.  So now
I am
>>>>> confused.
>>>>>
>>>>> Can you please do the following:
>>>>> - Click the "reindex all documents" button in the MCF view page for
>>>>> your output connection
>>>>> - Start your job
>>>>> - Send me the Solr info output about what has been posted
>>>>>
>>>>> When that is done, if what is posted looks correct, you SHOULD have a
>>>>> Solr index that has ACLs in it.
>>>>> If it does not look correct, we will have to go back and look at your
>>>>> connections etc. to see why the acls are not being fetched.
>>>>>
>>>>> Thanks,
>>>>> Karl
>>>>>
>>>>>
>>>>> On Fri, Jun 13, 2014 at 8:16 AM, lalit jangra <
>>>>> lalit.j.jangra@gmail.com> wrote:
>>>>>
>>>>>> Hi Again,
>>>>>>
>>>>>> I used /query for debugging & using
>>>>>>
>>>>>>
>>>>>> http://localhost:8983/solr/collection1/query?q=*%3A*&wt=json&indent=true&AuthenticatedUserName=ljangra@water.com
>>>>>> <http://localhost:8983/solr/collection1/query?q=*%3A*&wt=json&indent=true&AuthenticatedUserName=ljangra@iwater.ie>
>>>>>>
>>>>>>
>>>>>>
>>>>>> <http://localhost:8983/solr/collection1/query?q=*%3A*&wt=json&indent=true&AuthenticatedUserName=ljangra@iwater.ie>I
>>>>>> could see below results without much information about ACLs.
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>         "deny_token_document": [
>>>>>>
>>>>>>           "SP+KW:DEAD_AUTHORITY"
>>>>>>
>>>>>>         ],
>>>>>>
>>>>>>         "id": "
>>>>>> http://testhwaterportal/water/Lists/IWList/DispForm.aspx?ID=1
>>>>>> <http://testirishwaterportal/irish-water/irish-water/Lists/IWList/DispForm.aspx?ID=1>
>>>>>> ",
>>>>>>
>>>>>>         "allow_token_document": [
>>>>>>
>>>>>>           "SP+KW:"
>>>>>>
>>>>>>         ],
>>>>>>
>>>>>>         "content": [
>>>>>>
>>>>>>           " \n \n  \n  \n  \n  \n  \n  \n  \n \n   "
>>>>>>
>>>>>>         ],
>>>>>>
>>>>>>         "_version_": 1470790301540941800,
>>>>>>
>>>>>>         "allow_token_share": [
>>>>>>
>>>>>>           "__nosecurity__"
>>>>>>
>>>>>>         ],
>>>>>>
>>>>>>         "deny_token_share": [
>>>>>>
>>>>>>           "__nosecurity__"
>>>>>>
>>>>>>         ]
>>>>>>       }
>>>>>>
>>>>>>
>>>>>>
>>>>>> On Fri, Jun 13, 2014 at 12:54 PM, Ahmet Arslan <iorixxx@yahoo.com>
>>>>>> wrote:
>>>>>>
>>>>>>> Hi  Lalit,
>>>>>>>
>>>>>>> regarding "As i could not see any document in solr query,"
>>>>>>>
>>>>>>> Here is the best practise that I use :
>>>>>>>
>>>>>>> I configure /select request handler (RH) with mcfQParser, intended
>>>>>>> to use in production, default RH.
>>>>>>>
>>>>>>> I also use /query RH without mcfQParser, for debugging purposes.
>>>>>>>
>>>>>>> http://localhost:8983/solr/collection1/query?q=*%3A*&wt=json&indent=true&fl=allow*
>>>>>>>
>>>>>>> Ahmet
>>>>>>>
>>>>>>>
>>>>>>>   On Friday, June 13, 2014 2:30 PM, lalit jangra <
>>>>>>> lalit.j.jangra@gmail.com> wrote:
>>>>>>>
>>>>>>>
>>>>>>>  Thanks Karl,
>>>>>>>
>>>>>>> As i could not see any document in solr query, i used Luke to
open
>>>>>>> index and i could see below values for all MCF plugin fields
for all
>>>>>>> documents. These are something different from previous values.
>>>>>>>
>>>>>>> allow_token_document  = SP+KW:
>>>>>>> allow_token_share = __nosecurity__
>>>>>>> deny_token_document  = SP+KW:DEAD_AUTHORITY
>>>>>>> allow_token_share = __nosecurity__
>>>>>>>
>>>>>>> I think something or a lot of things missing here. I am attaching
>>>>>>> zip of solr index(very small one with 10 documents from sharepoint)
here.
>>>>>>> Please guide.
>>>>>>>
>>>>>>> Regards.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On Fri, Jun 13, 2014 at 11:57 AM, Karl Wright <daddywri@gmail.com>
>>>>>>> wrote:
>>>>>>>
>>>>>>> Hi Lalit,
>>>>>>>
>>>>>>> Can you show me somehow some of the the ACLs that have been indexed
>>>>>>> with your documents?  The only other potential issue might be
that your
>>>>>>> repository connection(s) may not be part of the same authority
groups as
>>>>>>> your authority connections.  In that case, the indexed authority
tokens
>>>>>>> will have a different prefix (e.g. SP+KW in one case, something
else in the
>>>>>>> other).
>>>>>>>
>>>>>>> Karl
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On Fri, Jun 13, 2014 at 6:40 AM, lalit jangra <
>>>>>>> lalit.j.jangra@gmail.com> wrote:
>>>>>>>
>>>>>>> Hi Again,
>>>>>>>
>>>>>>> As per Karl's suggestion, i am now converting user from water.com\ljangra
>>>>>>> to ljangra@water.com. Also referring to http://localhost:8345/mcf-authority-service/UserACLs?username=ljangra@water.com
>>>>>>>
>>>>>>>
>>>>>>> <http://localhost:8345/mcf-authority-service/UserACLs?username=ljangra@iwater.ie>
>>>>>>> I can see below ACL.
>>>>>>> AUTHORIZED:SP+K+Conn
>>>>>>> TOKEN:SP+KW:Ui%3A0%23.w%7Ciwater.ie%255cljangra
>>>>>>> TOKEN:SP+KW:Uc%3A0%2B.w%7Cs-1-5-32-545
>>>>>>>
>>>>>>> TOKEN:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-15263
>>>>>>> TOKEN:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-513
>>>>>>>
>>>>>>> TOKEN:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-13472
>>>>>>>
>>>>>>> TOKEN:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-3182
>>>>>>>
>>>>>>> TOKEN:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-1619
>>>>>>>
>>>>>>> TOKEN:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-1813
>>>>>>>
>>>>>>> TOKEN:SP+KW:Ui%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-12149
>>>>>>> TOKEN:SP+KW:Uc%3A0%21.s%7Cwindows
>>>>>>>
>>>>>>> Still i am not able to see any results from query
>>>>>>>
>>>>>>> http://localhost:8983/solr/collection1/select?q=*%3A*&wt=json&indent=true&debugQuery=true&AuthenticatedUserName=ljangra@water.com
>>>>>>> <http://localhost:8983/solr/collection1/select?q=*%3A*&wt=json&indent=true&debugQuery=true&AuthenticatedUserName=ljangra@iwater.ie>
>>>>>>> . While debugging query i can see ACL doing fine. So i am confused
>>>>>>> why its now working. Can you please help.
>>>>>>>
>>>>>>> "parsed_filter_queries": [
>>>>>>>       "ConstantScore(+((+allow_token_share:__nosecurity__
>>>>>>> +deny_token_share:__nosecurity__)
>>>>>>> allow_token_share:SP+KW:Ui%3A0%23.w%7Ciwater.ie%255cljangra
>>>>>>> -deny_token_share:SP+KW:Ui%3A0%23.w%7Ciwater.ie%255cljangra
>>>>>>> allow_token_share:SP+KW:Uc%3A0%2B.w%7Cs-1-5-32-545
>>>>>>> -deny_token_share:SP+KW:Uc%3A0%2B.w%7Cs-1-5-32-545
>>>>>>> allow_token_share:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-15263
>>>>>>> -deny_token_share:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-15263
>>>>>>> allow_token_share:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-513
>>>>>>> -deny_token_share:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-513
>>>>>>> allow_token_share:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-13472
>>>>>>> -deny_token_share:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-13472
>>>>>>> allow_token_share:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-3182
>>>>>>> -deny_token_share:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-3182
>>>>>>> allow_token_share:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-1619
>>>>>>> -deny_token_share:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-1619
>>>>>>> allow_token_share:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-1813
>>>>>>> -deny_token_share:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-1813
>>>>>>> allow_token_share:SP+KW:Ui%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-12149
>>>>>>> -deny_token_share:SP+KW:Ui%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-12149
>>>>>>> allow_token_share:SP+KW:Uc%3A0%21.s%7Cwindows
>>>>>>> -deny_token_share:SP+KW:Uc%3A0%21.s%7Cwindows)
>>>>>>> +((+allow_token_document:__nosecurity__
>>>>>>> +deny_token_document:__nosecurity__)
>>>>>>> allow_token_document:SP+KW:Ui%3A0%23.w%7Ciwater.ie%255cljangra
>>>>>>> -deny_token_document:SP+KW:Ui%3A0%23.w%7Ciwater.ie%255cljangra
>>>>>>> allow_token_document:SP+KW:Uc%3A0%2B.w%7Cs-1-5-32-545
>>>>>>> -deny_token_document:SP+KW:Uc%3A0%2B.w%7Cs-1-5-32-545
>>>>>>> allow_token_document:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-15263
>>>>>>> -deny_token_document:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-15263
>>>>>>> allow_token_document:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-513
>>>>>>> -deny_token_document:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-513
>>>>>>> allow_token_document:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-13472
>>>>>>> -deny_token_document:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-13472
>>>>>>> allow_token_document:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-3182
>>>>>>> -deny_token_document:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-3182
>>>>>>> allow_token_document:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-1619
>>>>>>> -deny_token_document:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-1619
>>>>>>> allow_token_document:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-1813
>>>>>>> -deny_token_document:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-1813
>>>>>>> allow_token_document:SP+KW:Ui%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-12149
>>>>>>> -deny_token_document:SP+KW:Ui%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-12149
>>>>>>> allow_token_document:SP+KW:Uc%3A0%21.s%7Cwindows
>>>>>>> -deny_token_document:SP+KW:Uc%3A0%21.s%7Cwindows))"
>>>>>>>     ],
>>>>>>>
>>>>>>> Finally solr.log also seems to be fine.
>>>>>>>
>>>>>>> INFO  - 2014-06-13 11:38:19.862;
>>>>>>> org.apache.solr.mcf.ManifoldCFQParserPlugin$ManifoldCFQueryParser;
Trying
>>>>>>> to match docs for user '[:ljangra@water.com]'
>>>>>>> INFO  - 2014-06-13 11:38:19.909;
>>>>>>> org.apache.solr.mcf.ManifoldCFQParserPlugin$ManifoldCFQueryParser;
Saw
>>>>>>> authority response AUTHORIZED:SP+K+Conn
>>>>>>> INFO  - 2014-06-13 11:38:19.909; org.apache.solr.core.SolrCore;
>>>>>>> [collection1] webapp=/solr path=/select
>>>>>>> params={indent=true&q=*:*&_=1402655899834&wt=json&AuthenticatedUserName=
>>>>>>> ljangra@water.com} hits=0 status=0 QTime=47
>>>>>>>
>>>>>>> Regards.
>>>>>>>
>>>>>>>
>>>>>>> On Fri, Jun 13, 2014 at 12:13 AM, Ahmet Arslan <iorixxx@yahoo.com>
>>>>>>> wrote:
>>>>>>>
>>>>>>> Hi Lalit,
>>>>>>>
>>>>>>> It makes more sense to use appends section rather than defaults
>>>>>>> section when defining mcf query parser plugin in fq parameter.
>>>>>>>
>>>>>>> <lst name="appends">
>>>>>>>  <str name="fq">{!manifoldCFSecurity}</str>
>>>>>>> </lst>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>   On Friday, June 13, 2014 12:51 AM, lalit jangra <
>>>>>>> lalit.j.jangra@gmail.com> wrote:
>>>>>>>
>>>>>>>
>>>>>>>  Hi Ahmet,
>>>>>>>
>>>>>>> I have configured solrconfig.xml as per your suggestion.
>>>>>>>
>>>>>>>  <requestHandler name="/select" class="solr.SearchHandler">
>>>>>>>     <!-- default values for query parameters can be specified,
these
>>>>>>>          will be overridden by parameters in the request
>>>>>>>       -->
>>>>>>>      <lst name="defaults">
>>>>>>>        <str name="echoParams">explicit</str>
>>>>>>>        <int name="rows">1000</int>
>>>>>>>        <str name="df">text</str>
>>>>>>>        <str name="fq">{!manifoldCFSecurity}</str>
>>>>>>>      </lst>
>>>>>>> ....
>>>>>>> </requestHandler>
>>>>>>>
>>>>>>>
>>>>>>> Next i am running a job which indexes sharepoint content in solr
but
>>>>>>> when i am searching in solr, i am getting not results & getting
>>>>>>> UNREACHABLEAUTHORITY message.
>>>>>>>
>>>>>>> INFO  - 2014-06-12 22:22:29.944;
>>>>>>> org.apache.solr.core.SolrDeletionPolicy; SolrDeletionPolicy.onCommit:
>>>>>>> commits: num=2
>>>>>>>
>>>>>>> commit{dir=NRTCachingDirectory(org.apache.lucene.store.MMapDirectory@C:\solr-4.6.0\example\solr\collection1\data\index
>>>>>>> lockFactory=org.apache.lucene.store.NativeFSLockFactory@3971846;
>>>>>>> maxCacheMB=48.0 maxMergeSizeMB=4.0),segFN=segments_1,generation=1}
>>>>>>>
>>>>>>> commit{dir=NRTCachingDirectory(org.apache.lucene.store.MMapDirectory@C:\solr-4.6.0\example\solr\collection1\data\index
>>>>>>> lockFactory=org.apache.lucene.store.NativeFSLockFactory@3971846;
>>>>>>> maxCacheMB=48.0 maxMergeSizeMB=4.0),segFN=segments_2,generation=2}
>>>>>>> INFO  - 2014-06-12 22:22:29.944;
>>>>>>> org.apache.solr.core.SolrDeletionPolicy; newest commit generation
= 2
>>>>>>> INFO  - 2014-06-12 22:22:29.960;
>>>>>>> org.apache.solr.search.SolrIndexSearcher; Opening Searcher@5ac787b0
>>>>>>> main
>>>>>>> INFO  - 2014-06-12 22:22:29.975;
>>>>>>> org.apache.solr.update.DirectUpdateHandler2; end_commit_flush
>>>>>>> INFO  - 2014-06-12 22:22:29.975;
>>>>>>> org.apache.solr.core.QuerySenderListener; QuerySenderListener
sending
>>>>>>> requests to Searcher@5ac787b0
>>>>>>> main{StandardDirectoryReader(segments_2:3:nrt _0(4.6):C10)}
>>>>>>> INFO  - 2014-06-12 22:22:29.975;
>>>>>>> org.apache.solr.core.QuerySenderListener; QuerySenderListener
done.
>>>>>>> INFO  - 2014-06-12 22:22:29.975; org.apache.solr.core.SolrCore;
>>>>>>> [collection1] Registered new searcher Searcher@5ac787b0
>>>>>>> main{StandardDirectoryReader(segments_2:3:nrt _0(4.6):C10)}
>>>>>>> INFO  - 2014-06-12 22:22:29.975;
>>>>>>> org.apache.solr.update.processor.LogUpdateProcessor; [collection1]
>>>>>>> webapp=/solr path=/update/extract params={commit=true&wt=xml&version=2.2}
>>>>>>> {commit=} 0 265
>>>>>>> INFO  - 2014-06-12 22:22:35.663;
>>>>>>> org.apache.solr.servlet.SolrDispatchFilter; [admin] webapp=null
>>>>>>> path=/admin/cores params={indexInfo=false&_=1402608155643&wt=json}
status=0
>>>>>>> QTime=0
>>>>>>> INFO  - 2014-06-12 22:22:35.741;
>>>>>>> org.apache.solr.servlet.SolrDispatchFilter; [admin] webapp=null
>>>>>>> path=/admin/info/system params={_=1402608155681&wt=json}
status=0 QTime=15
>>>>>>> INFO  - 2014-06-12 22:22:36.960;
>>>>>>> org.apache.solr.mcf.ManifoldCFQParserPlugin$ManifoldCFQueryParser;
Default
>>>>>>> no-user response (open documents only)
>>>>>>> INFO  - 2014-06-12 22:22:36.976; org.apache.solr.core.SolrCore;
>>>>>>> [collection1] webapp=/solr path=/select
>>>>>>> params={indent=true&q=*:*&_=1402608156947&wt=json}
hits=0 status=0 QTime=16
>>>>>>> INFO  - 2014-06-12 22:22:40.569;
>>>>>>> org.apache.solr.mcf.ManifoldCFQParserPlugin$ManifoldCFQueryParser;
Trying
>>>>>>> to match docs for user '[:ljangra@water.com]'
>>>>>>> INFO  - 2014-06-12 22:22:40.726;
>>>>>>> org.apache.solr.mcf.ManifoldCFQParserPlugin$ManifoldCFQueryParser;
Saw
>>>>>>> authority response UNREACHABLEAUTHORITY:SsharepointAuthority
>>>>>>> INFO  - 2014-06-12 22:22:40.726; org.apache.solr.core.SolrCore;
>>>>>>> [collection1] webapp=/solr path=/select
>>>>>>> params={indent=true&q=*:*&_=1402608160548&wt=json&AuthenticatedUserName=
>>>>>>> ljangra@water.com} hits=0 status=0 QTime=157
>>>>>>>
>>>>>>> UNREACHABLEAUTHORITY means name of an authority that was found
to be
>>>>>>> unreachable or unusable but i am having same authority working
fine in MCF.
>>>>>>>
>>>>>>>
>>>>>>> Please help.
>>>>>>>
>>>>>>> Regards.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On Thu, Jun 12, 2014 at 9:26 PM, Ahmet Arslan <iorixxx@yahoo.com>
>>>>>>> wrote:
>>>>>>>
>>>>>>> Hi Karl,
>>>>>>>
>>>>>>> May be we should use
>>>>>>>
>>>>>>>  <requestHandler name="/select" class="solr.SearchHandler">
>>>>>>>
>>>>>>> in
>>>>>>> https://svn.apache.org/repos/asf/manifoldcf/integration/solr-4.x/trunk/README.txt
>>>>>>>
>>>>>>> To avoid confusion?
>>>>>>>
>>>>>>> What do you think?
>>>>>>>
>>>>>>>
>>>>>>>   On Thursday, June 12, 2014 11:12 PM, Karl Wright <
>>>>>>> daddywri@gmail.com> wrote:
>>>>>>>
>>>>>>>
>>>>>>> What does your solrconfig.xml file look like?
>>>>>>> Karl
>>>>>>>
>>>>>>>
>>>>>>> On Thu, Jun 12, 2014 at 2:58 PM, lalit jangra <
>>>>>>> lalit.j.jangra@gmail.com> wrote:
>>>>>>>
>>>>>>> Hi Ahmet,
>>>>>>>
>>>>>>> I tried the way you suggested but its not working. My solr query
is
>>>>>>> as below.
>>>>>>>
>>>>>>>
>>>>>>> http://localhost:8983/solr/collection1/select?q=*%3A*&wt=json&indent=true&AuthenticatedUserName=ljangra@domain.entp
>>>>>>>
>>>>>>> Whatever name i am passing as AuthenticatedUserName, it returning
>>>>>>> all results.
>>>>>>>
>>>>>>> I have indexed my documents using mcf-solr plugin using instructions
>>>>>>> @
>>>>>>> https://svn.apache.org/repos/asf/manifoldcf/integration/solr-4.x/trunk/README.txt.
>>>>>>> Below are some of ACL stored in solr. Am i missing something?
>>>>>>>
>>>>>>> "_version_": 1470562493875093500,
>>>>>>>         "allow_token_share": [
>>>>>>>           "__nosecurity__"
>>>>>>>         ],
>>>>>>>         "deny_token_share": [
>>>>>>>           "__nosecurity__"
>>>>>>>         ]
>>>>>>>       },
>>>>>>>       {
>>>>>>>         "content_name": "Alfresco-in-an-Hour.pdf"
>>>>>>>         "deny_token_document": [
>>>>>>>           "SP+Group:DEAD_AUTHORITY"
>>>>>>>         ],
>>>>>>>         "allow_token_document": [
>>>>>>>           "SP+Group:GTest+lalit+Portal+Visitors",
>>>>>>>           "SP+Group:GTest+lalit+Portal+Owners",
>>>>>>>           "SP+Group:GRestricted+Readers",
>>>>>>>           "SP+Group:GTest+lalit+Administrators",
>>>>>>>           "SP+Group:GTest+lalit+Portal+Members",
>>>>>>>           "SP+Group:Uc%3A0%28.s%7Ctrue",
>>>>>>>           "SP+Group:GHierarchy+Managers",
>>>>>>>           "SP+Group:GApprovers",
>>>>>>>           "SP+Group:GViewers",
>>>>>>>           "SP+Group:GDesigners"
>>>>>>>         ],
>>>>>>>         "content_modified_date": "2014-06-04T00:00:00Z",
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>                   SDD
>>>>>>>
>>>>>>>
>>>>>>>                    "_version_": 1470564182244982800
>>>>>>>       },
>>>>>>>       {
>>>>>>>         "deny_token_share": [
>>>>>>>           "AD+Group:DEAD_AUTHORITY"
>>>>>>>         ],
>>>>>>>         "content_name": "hekko.txt",
>>>>>>>         "content_modifier": "iwater.ie\\ljangra",
>>>>>>>         "deny_token_document": [
>>>>>>>           "AD+Group:DEAD_AUTHORITY"
>>>>>>>         ],
>>>>>>>                "id": "
>>>>>>> file://///10.231.82.15/AlfrescoInstallers/manifoldtest/hekko.txt",
>>>>>>>         "allow_token_document": [
>>>>>>>           "AD+Group:S-1-5-18",
>>>>>>>           "AD+Group:S-1-5-21-2630432783-15384281-2988178474-12088",
>>>>>>>           "AD+Group:S-1-5-21-2630432783-15384281-2988178474-12147",
>>>>>>>           "AD+Group:S-1-5-21-2630432783-15384281-2988178474-12148",
>>>>>>>           "AD+Group:S-1-5-21-2630432783-15384281-2988178474-12149",
>>>>>>>           "AD+Group:S-1-5-21-2630432783-15384281-2988178474-12150",
>>>>>>>           "AD+Group:S-1-5-21-2630432783-15384281-2988178474-12217",
>>>>>>>           "AD+Group:S-1-5-21-2630432783-15384281-2988178474-15154",
>>>>>>>           "AD+Group:S-1-5-21-2630432783-15384281-2988178474-8005",
>>>>>>>           "AD+Group:S-1-5-32-544"
>>>>>>>         ],
>>>>>>>
>>>>>>>         "allow_token_share": [
>>>>>>>           "AD+Group:S-1-1-0",
>>>>>>>           "AD+Group:S-1-5-32-544"
>>>>>>>         ],
>>>>>>>
>>>>>>>
>>>>>>>                 CMIS
>>>>>>>
>>>>>>>                 "allow_token_share": [
>>>>>>>           "__nosecurity__"
>>>>>>>         ],
>>>>>>>         "deny_token_document": [
>>>>>>>           "__nosecurity__"
>>>>>>>         ],
>>>>>>>         "deny_token_share": [
>>>>>>>           "__nosecurity__"
>>>>>>>         ],
>>>>>>>         "allow_token_document": [
>>>>>>>           "__nosecurity__"
>>>>>>>         ]
>>>>>>>
>>>>>>> Regards.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On Thu, Jun 12, 2014 at 3:01 PM, Ahmet Arslan <iorixxx@yahoo.com>
>>>>>>> wrote:
>>>>>>>
>>>>>>> Hi,
>>>>>>>
>>>>>>> As documented here
>>>>>>> https://svn.apache.org/repos/asf/manifoldcf/integration/solr-4.x/trunk/README.txt
>>>>>>>
>>>>>>> "At a minimum, AuthenticatedUserName must be present in order"
>>>>>>>
>>>>>>>
>>>>>>> This is a URL parameter, just like Solr params. Here is an example.
>>>>>>>
>>>>>>>
>>>>>>> http://localhost:8983/solr/documents/select?q=*%3A*&wt=xml&AuthenticatedUserName=ahmet@g-b.entp&facet=on&facet.field=Content-Type
>>>>>>> <http://localhost:8983/solr/documents/select?q=*%3A*&wt=xml&debugQuery=true&AuthenticatedUserName=ahmet@g-b.entp&facet=on&facet.field=Content-Type>
>>>>>>>
>>>>>>>
>>>>>>>   On Thursday, June 12, 2014 4:28 PM, lalit jangra <
>>>>>>> lalit.j.jangra@gmail.com> wrote:
>>>>>>>
>>>>>>>
>>>>>>>  Hi All,
>>>>>>>
>>>>>>> As continuing from
>>>>>>> http://lucene.472066.n3.nabble.com/How-to-query-for-content-with-ACLs-td4141402.html
>>>>>>> as per Ahmet's suggestion.
>>>>>>>
>>>>>>> I have setup mcf-solr4x-plugin in MCF 1.5.1 and i can see ACLs
>>>>>>> indexed into solr indexes.
>>>>>>>
>>>>>>> Now i want to write Solr query to put a user's permission details
>>>>>>> into in it which can be compared to ACL stored in solr and only
those
>>>>>>> results will be returned to user on which he has been assigned
ACL.
>>>>>>>
>>>>>>> How can i do this?  Can i use MCF filter  below here or do i
need to
>>>>>>> write custom query for my need?
>>>>>>>
>>>>>>> <requestHandler name="search" class="solr.SearchHandler"
>>>>>>> default="true">
>>>>>>>   <lst name="appends">
>>>>>>>     <str name="fq">{!manifoldCFSecurity}</str>
>>>>>>>   </lst>
>>>>>>> </requestHandler>
>>>>>>>
>>>>>>> Please help.
>>>>>>>
>>>>>>> Regards,
>>>>>>> Lalit Jangra.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>> Regards,
>>>>>>> Lalit Jangra.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>> Regards,
>>>>>>> Lalit Jangra.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>> Regards,
>>>>>>> Lalit Jangra.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>> Regards,
>>>>>>> Lalit Jangra.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>> Regards,
>>>>>> Lalit Jangra.
>>>>>>
>>>>>
>>>>>
>>>>
>>>
>>
>>
>> --
>> Regards,
>> Lalit Jangra.
>>
>
>


-- 
Regards,
Lalit Jangra.

Mime
View raw message