manifoldcf-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From lalit jangra <lalit.j.jan...@gmail.com>
Subject Re: How to query for content with ACLs?
Date Fri, 13 Jun 2014 13:56:18 GMT
Thanks Karl,

After resetting everything again, now i could see content with ACL posted
to solr as per your instructions. Thanks again for this.I am attaching
solr.log.

But still i am not able to see any content using /select query handler &
attached Select.log for same.

While using /query request handler, i can see results with ACL but whatever
name i provide, it returns all results so effectively ACL not working,
attached Query.log for same.

Can you please guide.

Regards.


On Fri, Jun 13, 2014 at 1:37 PM, Karl Wright <daddywri@gmail.com> wrote:

> I wonder if this is a Luke bug?
> The access tokens might well have a form that Luke doesn't like to
> display.  That is the only thing that's making any sense to me at the
> moment.
>
> Karl
>
>
>
> On Fri, Jun 13, 2014 at 8:29 AM, Karl Wright <daddywri@gmail.com> wrote:
>
>>
>> FWIW, your authority setup seems to be working properly, and the query
>> generator is working properly too.  Only the acls are messed up.
>>
>> This is the interesting bit:
>>
>> "allow_token_document": [
>>
>>           "SP+KW:"]
>>
>>
>> It looks like a blank access token is being fetched for this list item,
>> which does not make any sense to me.  And yet we saw access tokens before,
>> correct?
>>
>>
>> Karl
>>
>>
>>
>> On Fri, Jun 13, 2014 at 8:22 AM, Karl Wright <daddywri@gmail.com> wrote:
>>
>>> Hi Lalit,
>>>
>>> It is clear that your access tokens have not been actually indexed.  But
>>> I remember seeing that they were correctly posted to Solr.  So now I am
>>> confused.
>>>
>>> Can you please do the following:
>>> - Click the "reindex all documents" button in the MCF view page for your
>>> output connection
>>> - Start your job
>>> - Send me the Solr info output about what has been posted
>>>
>>> When that is done, if what is posted looks correct, you SHOULD have a
>>> Solr index that has ACLs in it.
>>> If it does not look correct, we will have to go back and look at your
>>> connections etc. to see why the acls are not being fetched.
>>>
>>> Thanks,
>>> Karl
>>>
>>>
>>> On Fri, Jun 13, 2014 at 8:16 AM, lalit jangra <lalit.j.jangra@gmail.com>
>>> wrote:
>>>
>>>> Hi Again,
>>>>
>>>> I used /query for debugging & using
>>>>
>>>>
>>>> http://localhost:8983/solr/collection1/query?q=*%3A*&wt=json&indent=true&AuthenticatedUserName=ljangra@water.com
>>>> <http://localhost:8983/solr/collection1/query?q=*%3A*&wt=json&indent=true&AuthenticatedUserName=ljangra@iwater.ie>
>>>>
>>>>
>>>>
>>>> <http://localhost:8983/solr/collection1/query?q=*%3A*&wt=json&indent=true&AuthenticatedUserName=ljangra@iwater.ie>I
>>>> could see below results without much information about ACLs.
>>>>
>>>>
>>>>
>>>>
>>>>         "deny_token_document": [
>>>>
>>>>           "SP+KW:DEAD_AUTHORITY"
>>>>
>>>>         ],
>>>>
>>>>         "id": "
>>>> http://testhwaterportal/water/Lists/IWList/DispForm.aspx?ID=1
>>>> <http://testirishwaterportal/irish-water/irish-water/Lists/IWList/DispForm.aspx?ID=1>
>>>> ",
>>>>
>>>>         "allow_token_document": [
>>>>
>>>>           "SP+KW:"
>>>>
>>>>         ],
>>>>
>>>>         "content": [
>>>>
>>>>           " \n \n  \n  \n  \n  \n  \n  \n  \n \n   "
>>>>
>>>>         ],
>>>>
>>>>         "_version_": 1470790301540941800,
>>>>
>>>>         "allow_token_share": [
>>>>
>>>>           "__nosecurity__"
>>>>
>>>>         ],
>>>>
>>>>         "deny_token_share": [
>>>>
>>>>           "__nosecurity__"
>>>>
>>>>         ]
>>>>       }
>>>>
>>>>
>>>>
>>>> On Fri, Jun 13, 2014 at 12:54 PM, Ahmet Arslan <iorixxx@yahoo.com>
>>>> wrote:
>>>>
>>>>> Hi  Lalit,
>>>>>
>>>>> regarding "As i could not see any document in solr query,"
>>>>>
>>>>> Here is the best practise that I use :
>>>>>
>>>>> I configure /select request handler (RH) with mcfQParser, intended to
>>>>> use in production, default RH.
>>>>>
>>>>> I also use /query RH without mcfQParser, for debugging purposes.
>>>>>
>>>>> http://localhost:8983/solr/collection1/query?q=*%3A*&wt=json&indent=true&fl=allow*
>>>>>
>>>>> Ahmet
>>>>>
>>>>>
>>>>>   On Friday, June 13, 2014 2:30 PM, lalit jangra <
>>>>> lalit.j.jangra@gmail.com> wrote:
>>>>>
>>>>>
>>>>>  Thanks Karl,
>>>>>
>>>>> As i could not see any document in solr query, i used Luke to open
>>>>> index and i could see below values for all MCF plugin fields for all
>>>>> documents. These are something different from previous values.
>>>>>
>>>>> allow_token_document  = SP+KW:
>>>>> allow_token_share = __nosecurity__
>>>>> deny_token_document  = SP+KW:DEAD_AUTHORITY
>>>>> allow_token_share = __nosecurity__
>>>>>
>>>>> I think something or a lot of things missing here. I am attaching zip
>>>>> of solr index(very small one with 10 documents from sharepoint) here.
>>>>> Please guide.
>>>>>
>>>>> Regards.
>>>>>
>>>>>
>>>>>
>>>>> On Fri, Jun 13, 2014 at 11:57 AM, Karl Wright <daddywri@gmail.com>
>>>>> wrote:
>>>>>
>>>>> Hi Lalit,
>>>>>
>>>>> Can you show me somehow some of the the ACLs that have been indexed
>>>>> with your documents?  The only other potential issue might be that your
>>>>> repository connection(s) may not be part of the same authority groups
as
>>>>> your authority connections.  In that case, the indexed authority tokens
>>>>> will have a different prefix (e.g. SP+KW in one case, something else
in the
>>>>> other).
>>>>>
>>>>> Karl
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> On Fri, Jun 13, 2014 at 6:40 AM, lalit jangra <
>>>>> lalit.j.jangra@gmail.com> wrote:
>>>>>
>>>>> Hi Again,
>>>>>
>>>>> As per Karl's suggestion, i am now converting user from water.com\ljangra
>>>>> to ljangra@water.com. Also referring to http://localhost:8345/mcf-authority-service/UserACLs?username=ljangra@water.com
>>>>>
>>>>>
>>>>> <http://localhost:8345/mcf-authority-service/UserACLs?username=ljangra@iwater.ie>
>>>>> I can see below ACL.
>>>>> AUTHORIZED:SP+K+Conn
>>>>> TOKEN:SP+KW:Ui%3A0%23.w%7Ciwater.ie%255cljangra
>>>>> TOKEN:SP+KW:Uc%3A0%2B.w%7Cs-1-5-32-545
>>>>> TOKEN:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-15263
>>>>> TOKEN:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-513
>>>>> TOKEN:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-13472
>>>>> TOKEN:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-3182
>>>>> TOKEN:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-1619
>>>>> TOKEN:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-1813
>>>>> TOKEN:SP+KW:Ui%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-12149
>>>>> TOKEN:SP+KW:Uc%3A0%21.s%7Cwindows
>>>>>
>>>>> Still i am not able to see any results from query
>>>>>
>>>>> http://localhost:8983/solr/collection1/select?q=*%3A*&wt=json&indent=true&debugQuery=true&AuthenticatedUserName=ljangra@water.com
>>>>> <http://localhost:8983/solr/collection1/select?q=*%3A*&wt=json&indent=true&debugQuery=true&AuthenticatedUserName=ljangra@iwater.ie>
>>>>> . While debugging query i can see ACL doing fine. So i am confused
>>>>> why its now working. Can you please help.
>>>>>
>>>>> "parsed_filter_queries": [
>>>>>       "ConstantScore(+((+allow_token_share:__nosecurity__
>>>>> +deny_token_share:__nosecurity__)
>>>>> allow_token_share:SP+KW:Ui%3A0%23.w%7Ciwater.ie%255cljangra
>>>>> -deny_token_share:SP+KW:Ui%3A0%23.w%7Ciwater.ie%255cljangra
>>>>> allow_token_share:SP+KW:Uc%3A0%2B.w%7Cs-1-5-32-545
>>>>> -deny_token_share:SP+KW:Uc%3A0%2B.w%7Cs-1-5-32-545
>>>>> allow_token_share:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-15263
>>>>> -deny_token_share:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-15263
>>>>> allow_token_share:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-513
>>>>> -deny_token_share:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-513
>>>>> allow_token_share:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-13472
>>>>> -deny_token_share:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-13472
>>>>> allow_token_share:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-3182
>>>>> -deny_token_share:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-3182
>>>>> allow_token_share:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-1619
>>>>> -deny_token_share:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-1619
>>>>> allow_token_share:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-1813
>>>>> -deny_token_share:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-1813
>>>>> allow_token_share:SP+KW:Ui%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-12149
>>>>> -deny_token_share:SP+KW:Ui%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-12149
>>>>> allow_token_share:SP+KW:Uc%3A0%21.s%7Cwindows
>>>>> -deny_token_share:SP+KW:Uc%3A0%21.s%7Cwindows)
>>>>> +((+allow_token_document:__nosecurity__
>>>>> +deny_token_document:__nosecurity__)
>>>>> allow_token_document:SP+KW:Ui%3A0%23.w%7Ciwater.ie%255cljangra
>>>>> -deny_token_document:SP+KW:Ui%3A0%23.w%7Ciwater.ie%255cljangra
>>>>> allow_token_document:SP+KW:Uc%3A0%2B.w%7Cs-1-5-32-545
>>>>> -deny_token_document:SP+KW:Uc%3A0%2B.w%7Cs-1-5-32-545
>>>>> allow_token_document:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-15263
>>>>> -deny_token_document:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-15263
>>>>> allow_token_document:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-513
>>>>> -deny_token_document:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-513
>>>>> allow_token_document:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-13472
>>>>> -deny_token_document:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-13472
>>>>> allow_token_document:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-3182
>>>>> -deny_token_document:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-3182
>>>>> allow_token_document:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-1619
>>>>> -deny_token_document:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-1619
>>>>> allow_token_document:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-1813
>>>>> -deny_token_document:SP+KW:Uc%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-1813
>>>>> allow_token_document:SP+KW:Ui%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-12149
>>>>> -deny_token_document:SP+KW:Ui%3A0%2B.w%7Cs-1-5-21-2630432783-15384281-2988178474-12149
>>>>> allow_token_document:SP+KW:Uc%3A0%21.s%7Cwindows
>>>>> -deny_token_document:SP+KW:Uc%3A0%21.s%7Cwindows))"
>>>>>     ],
>>>>>
>>>>> Finally solr.log also seems to be fine.
>>>>>
>>>>> INFO  - 2014-06-13 11:38:19.862;
>>>>> org.apache.solr.mcf.ManifoldCFQParserPlugin$ManifoldCFQueryParser; Trying
>>>>> to match docs for user '[:ljangra@water.com]'
>>>>> INFO  - 2014-06-13 11:38:19.909;
>>>>> org.apache.solr.mcf.ManifoldCFQParserPlugin$ManifoldCFQueryParser; Saw
>>>>> authority response AUTHORIZED:SP+K+Conn
>>>>> INFO  - 2014-06-13 11:38:19.909; org.apache.solr.core.SolrCore;
>>>>> [collection1] webapp=/solr path=/select
>>>>> params={indent=true&q=*:*&_=1402655899834&wt=json&AuthenticatedUserName=
>>>>> ljangra@water.com} hits=0 status=0 QTime=47
>>>>>
>>>>> Regards.
>>>>>
>>>>>
>>>>> On Fri, Jun 13, 2014 at 12:13 AM, Ahmet Arslan <iorixxx@yahoo.com>
>>>>> wrote:
>>>>>
>>>>> Hi Lalit,
>>>>>
>>>>> It makes more sense to use appends section rather than defaults
>>>>> section when defining mcf query parser plugin in fq parameter.
>>>>>
>>>>> <lst name="appends">
>>>>>  <str name="fq">{!manifoldCFSecurity}</str>
>>>>> </lst>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>   On Friday, June 13, 2014 12:51 AM, lalit jangra <
>>>>> lalit.j.jangra@gmail.com> wrote:
>>>>>
>>>>>
>>>>>  Hi Ahmet,
>>>>>
>>>>> I have configured solrconfig.xml as per your suggestion.
>>>>>
>>>>>  <requestHandler name="/select" class="solr.SearchHandler">
>>>>>     <!-- default values for query parameters can be specified, these
>>>>>          will be overridden by parameters in the request
>>>>>       -->
>>>>>      <lst name="defaults">
>>>>>        <str name="echoParams">explicit</str>
>>>>>        <int name="rows">1000</int>
>>>>>        <str name="df">text</str>
>>>>>        <str name="fq">{!manifoldCFSecurity}</str>
>>>>>      </lst>
>>>>> ....
>>>>> </requestHandler>
>>>>>
>>>>>
>>>>> Next i am running a job which indexes sharepoint content in solr but
>>>>> when i am searching in solr, i am getting not results & getting
>>>>> UNREACHABLEAUTHORITY message.
>>>>>
>>>>> INFO  - 2014-06-12 22:22:29.944;
>>>>> org.apache.solr.core.SolrDeletionPolicy; SolrDeletionPolicy.onCommit:
>>>>> commits: num=2
>>>>>
>>>>> commit{dir=NRTCachingDirectory(org.apache.lucene.store.MMapDirectory@C:\solr-4.6.0\example\solr\collection1\data\index
>>>>> lockFactory=org.apache.lucene.store.NativeFSLockFactory@3971846;
>>>>> maxCacheMB=48.0 maxMergeSizeMB=4.0),segFN=segments_1,generation=1}
>>>>>
>>>>> commit{dir=NRTCachingDirectory(org.apache.lucene.store.MMapDirectory@C:\solr-4.6.0\example\solr\collection1\data\index
>>>>> lockFactory=org.apache.lucene.store.NativeFSLockFactory@3971846;
>>>>> maxCacheMB=48.0 maxMergeSizeMB=4.0),segFN=segments_2,generation=2}
>>>>> INFO  - 2014-06-12 22:22:29.944;
>>>>> org.apache.solr.core.SolrDeletionPolicy; newest commit generation = 2
>>>>> INFO  - 2014-06-12 22:22:29.960;
>>>>> org.apache.solr.search.SolrIndexSearcher; Opening Searcher@5ac787b0
>>>>> main
>>>>> INFO  - 2014-06-12 22:22:29.975;
>>>>> org.apache.solr.update.DirectUpdateHandler2; end_commit_flush
>>>>> INFO  - 2014-06-12 22:22:29.975;
>>>>> org.apache.solr.core.QuerySenderListener; QuerySenderListener sending
>>>>> requests to Searcher@5ac787b0
>>>>> main{StandardDirectoryReader(segments_2:3:nrt _0(4.6):C10)}
>>>>> INFO  - 2014-06-12 22:22:29.975;
>>>>> org.apache.solr.core.QuerySenderListener; QuerySenderListener done.
>>>>> INFO  - 2014-06-12 22:22:29.975; org.apache.solr.core.SolrCore;
>>>>> [collection1] Registered new searcher Searcher@5ac787b0
>>>>> main{StandardDirectoryReader(segments_2:3:nrt _0(4.6):C10)}
>>>>> INFO  - 2014-06-12 22:22:29.975;
>>>>> org.apache.solr.update.processor.LogUpdateProcessor; [collection1]
>>>>> webapp=/solr path=/update/extract params={commit=true&wt=xml&version=2.2}
>>>>> {commit=} 0 265
>>>>> INFO  - 2014-06-12 22:22:35.663;
>>>>> org.apache.solr.servlet.SolrDispatchFilter; [admin] webapp=null
>>>>> path=/admin/cores params={indexInfo=false&_=1402608155643&wt=json}
status=0
>>>>> QTime=0
>>>>> INFO  - 2014-06-12 22:22:35.741;
>>>>> org.apache.solr.servlet.SolrDispatchFilter; [admin] webapp=null
>>>>> path=/admin/info/system params={_=1402608155681&wt=json} status=0
QTime=15
>>>>> INFO  - 2014-06-12 22:22:36.960;
>>>>> org.apache.solr.mcf.ManifoldCFQParserPlugin$ManifoldCFQueryParser; Default
>>>>> no-user response (open documents only)
>>>>> INFO  - 2014-06-12 22:22:36.976; org.apache.solr.core.SolrCore;
>>>>> [collection1] webapp=/solr path=/select
>>>>> params={indent=true&q=*:*&_=1402608156947&wt=json} hits=0
status=0 QTime=16
>>>>> INFO  - 2014-06-12 22:22:40.569;
>>>>> org.apache.solr.mcf.ManifoldCFQParserPlugin$ManifoldCFQueryParser; Trying
>>>>> to match docs for user '[:ljangra@water.com]'
>>>>> INFO  - 2014-06-12 22:22:40.726;
>>>>> org.apache.solr.mcf.ManifoldCFQParserPlugin$ManifoldCFQueryParser; Saw
>>>>> authority response UNREACHABLEAUTHORITY:SsharepointAuthority
>>>>> INFO  - 2014-06-12 22:22:40.726; org.apache.solr.core.SolrCore;
>>>>> [collection1] webapp=/solr path=/select
>>>>> params={indent=true&q=*:*&_=1402608160548&wt=json&AuthenticatedUserName=
>>>>> ljangra@water.com} hits=0 status=0 QTime=157
>>>>>
>>>>> UNREACHABLEAUTHORITY means name of an authority that was found to be
>>>>> unreachable or unusable but i am having same authority working fine in
MCF.
>>>>>
>>>>>
>>>>> Please help.
>>>>>
>>>>> Regards.
>>>>>
>>>>>
>>>>>
>>>>> On Thu, Jun 12, 2014 at 9:26 PM, Ahmet Arslan <iorixxx@yahoo.com>
>>>>> wrote:
>>>>>
>>>>> Hi Karl,
>>>>>
>>>>> May be we should use
>>>>>
>>>>>  <requestHandler name="/select" class="solr.SearchHandler">
>>>>>
>>>>> in
>>>>> https://svn.apache.org/repos/asf/manifoldcf/integration/solr-4.x/trunk/README.txt
>>>>>
>>>>> To avoid confusion?
>>>>>
>>>>> What do you think?
>>>>>
>>>>>
>>>>>   On Thursday, June 12, 2014 11:12 PM, Karl Wright <daddywri@gmail.com>
>>>>> wrote:
>>>>>
>>>>>
>>>>> What does your solrconfig.xml file look like?
>>>>> Karl
>>>>>
>>>>>
>>>>> On Thu, Jun 12, 2014 at 2:58 PM, lalit jangra <
>>>>> lalit.j.jangra@gmail.com> wrote:
>>>>>
>>>>> Hi Ahmet,
>>>>>
>>>>> I tried the way you suggested but its not working. My solr query is as
>>>>> below.
>>>>>
>>>>>
>>>>> http://localhost:8983/solr/collection1/select?q=*%3A*&wt=json&indent=true&AuthenticatedUserName=ljangra@domain.entp
>>>>>
>>>>> Whatever name i am passing as AuthenticatedUserName, it returning all
>>>>> results.
>>>>>
>>>>> I have indexed my documents using mcf-solr plugin using instructions
@
>>>>> https://svn.apache.org/repos/asf/manifoldcf/integration/solr-4.x/trunk/README.txt.
>>>>> Below are some of ACL stored in solr. Am i missing something?
>>>>>
>>>>> "_version_": 1470562493875093500,
>>>>>         "allow_token_share": [
>>>>>           "__nosecurity__"
>>>>>         ],
>>>>>         "deny_token_share": [
>>>>>           "__nosecurity__"
>>>>>         ]
>>>>>       },
>>>>>       {
>>>>>         "content_name": "Alfresco-in-an-Hour.pdf"
>>>>>         "deny_token_document": [
>>>>>           "SP+Group:DEAD_AUTHORITY"
>>>>>         ],
>>>>>         "allow_token_document": [
>>>>>           "SP+Group:GTest+lalit+Portal+Visitors",
>>>>>           "SP+Group:GTest+lalit+Portal+Owners",
>>>>>           "SP+Group:GRestricted+Readers",
>>>>>           "SP+Group:GTest+lalit+Administrators",
>>>>>           "SP+Group:GTest+lalit+Portal+Members",
>>>>>           "SP+Group:Uc%3A0%28.s%7Ctrue",
>>>>>           "SP+Group:GHierarchy+Managers",
>>>>>           "SP+Group:GApprovers",
>>>>>           "SP+Group:GViewers",
>>>>>           "SP+Group:GDesigners"
>>>>>         ],
>>>>>         "content_modified_date": "2014-06-04T00:00:00Z",
>>>>>
>>>>>
>>>>>
>>>>>                   SDD
>>>>>
>>>>>
>>>>>                    "_version_": 1470564182244982800
>>>>>       },
>>>>>       {
>>>>>         "deny_token_share": [
>>>>>           "AD+Group:DEAD_AUTHORITY"
>>>>>         ],
>>>>>         "content_name": "hekko.txt",
>>>>>         "content_modifier": "iwater.ie\\ljangra",
>>>>>         "deny_token_document": [
>>>>>           "AD+Group:DEAD_AUTHORITY"
>>>>>         ],
>>>>>                "id": "
>>>>> file://///10.231.82.15/AlfrescoInstallers/manifoldtest/hekko.txt",
>>>>>         "allow_token_document": [
>>>>>           "AD+Group:S-1-5-18",
>>>>>           "AD+Group:S-1-5-21-2630432783-15384281-2988178474-12088",
>>>>>           "AD+Group:S-1-5-21-2630432783-15384281-2988178474-12147",
>>>>>           "AD+Group:S-1-5-21-2630432783-15384281-2988178474-12148",
>>>>>           "AD+Group:S-1-5-21-2630432783-15384281-2988178474-12149",
>>>>>           "AD+Group:S-1-5-21-2630432783-15384281-2988178474-12150",
>>>>>           "AD+Group:S-1-5-21-2630432783-15384281-2988178474-12217",
>>>>>           "AD+Group:S-1-5-21-2630432783-15384281-2988178474-15154",
>>>>>           "AD+Group:S-1-5-21-2630432783-15384281-2988178474-8005",
>>>>>           "AD+Group:S-1-5-32-544"
>>>>>         ],
>>>>>
>>>>>         "allow_token_share": [
>>>>>           "AD+Group:S-1-1-0",
>>>>>           "AD+Group:S-1-5-32-544"
>>>>>         ],
>>>>>
>>>>>
>>>>>                 CMIS
>>>>>
>>>>>                 "allow_token_share": [
>>>>>           "__nosecurity__"
>>>>>         ],
>>>>>         "deny_token_document": [
>>>>>           "__nosecurity__"
>>>>>         ],
>>>>>         "deny_token_share": [
>>>>>           "__nosecurity__"
>>>>>         ],
>>>>>         "allow_token_document": [
>>>>>           "__nosecurity__"
>>>>>         ]
>>>>>
>>>>> Regards.
>>>>>
>>>>>
>>>>>
>>>>> On Thu, Jun 12, 2014 at 3:01 PM, Ahmet Arslan <iorixxx@yahoo.com>
>>>>> wrote:
>>>>>
>>>>> Hi,
>>>>>
>>>>> As documented here
>>>>> https://svn.apache.org/repos/asf/manifoldcf/integration/solr-4.x/trunk/README.txt
>>>>>
>>>>> "At a minimum, AuthenticatedUserName must be present in order"
>>>>>
>>>>>
>>>>> This is a URL parameter, just like Solr params. Here is an example.
>>>>>
>>>>>
>>>>> http://localhost:8983/solr/documents/select?q=*%3A*&wt=xml&AuthenticatedUserName=ahmet@g-b.entp&facet=on&facet.field=Content-Type
>>>>> <http://localhost:8983/solr/documents/select?q=*%3A*&wt=xml&debugQuery=true&AuthenticatedUserName=ahmet@g-b.entp&facet=on&facet.field=Content-Type>
>>>>>
>>>>>
>>>>>   On Thursday, June 12, 2014 4:28 PM, lalit jangra <
>>>>> lalit.j.jangra@gmail.com> wrote:
>>>>>
>>>>>
>>>>>  Hi All,
>>>>>
>>>>> As continuing from
>>>>> http://lucene.472066.n3.nabble.com/How-to-query-for-content-with-ACLs-td4141402.html
>>>>> as per Ahmet's suggestion.
>>>>>
>>>>> I have setup mcf-solr4x-plugin in MCF 1.5.1 and i can see ACLs indexed
>>>>> into solr indexes.
>>>>>
>>>>> Now i want to write Solr query to put a user's permission details into
>>>>> in it which can be compared to ACL stored in solr and only those results
>>>>> will be returned to user on which he has been assigned ACL.
>>>>>
>>>>> How can i do this?  Can i use MCF filter  below here or do i need to
>>>>> write custom query for my need?
>>>>>
>>>>> <requestHandler name="search" class="solr.SearchHandler"
>>>>> default="true">
>>>>>   <lst name="appends">
>>>>>     <str name="fq">{!manifoldCFSecurity}</str>
>>>>>   </lst>
>>>>> </requestHandler>
>>>>>
>>>>> Please help.
>>>>>
>>>>> Regards,
>>>>> Lalit Jangra.
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> Regards,
>>>>> Lalit Jangra.
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> Regards,
>>>>> Lalit Jangra.
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> Regards,
>>>>> Lalit Jangra.
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> Regards,
>>>>> Lalit Jangra.
>>>>>
>>>>>
>>>>>
>>>>
>>>>
>>>> --
>>>> Regards,
>>>> Lalit Jangra.
>>>>
>>>
>>>
>>
>


-- 
Regards,
Lalit Jangra.

Mime
View raw message