Task #2472
Story #2416: Secure CN Search Index
Implement security filtering for search index solr endpoints
100%
Description
Includes:
CN search endpoint -- cn/v1/search/solr
Solr endpoint - /solr/d1-cn-index/select
History
#1 Updated by Skye Roseboom almost 12 years ago
- Milestone changed from CCI-1.0.0 to CCI-1.2
#2 Updated by Skye Roseboom almost 12 years ago
Need to keep in mind that the 'mlt' solr feature available on /select does not apply query filter parameters (which is how security is applied). So may need to strip-out / prevent uses from specifying 'mlt' query parts.
#3 Updated by Skye Roseboom over 11 years ago
- Status changed from New to In Progress
#4 Updated by Skye Roseboom over 11 years ago
- Milestone changed from CCI-1.2 to CCI-1.1
- Status changed from In Progress to Testing
Adapted existing Solr Session Authorization Filter logic in solr_extensions project for use with search index. Created and register SolrSearchHandler for search index's solrconfig.xml file. An extension of the default solr search handler class. Re-writes the query to apply filter query for public data and if an authorized user is detected, the query is updated to additionally return records the user had READ permission for.
Allows all security / identity mapping handling for solr searches to be centralized in SolrSearchHandler.java.
#5 Updated by Skye Roseboom over 11 years ago
- translation missing: en.field_remaining_hours set to 0.0
- Status changed from Testing to Closed
#6 Updated by Skye Roseboom over 11 years ago
- Target version changed from Sprint-2012.37-Block.5.3 to Sprint-2012.39-Block.5.4
