Yonik, your reply was incredibly helpful. Thank you very much!
The "join" approach to document security you explained is somewhat
similar to what I called "Option 2" (ACL PostFilter) since permissions
are stored in each document, but it's much simpler in that I'm not
required to write, compile, an
Depending on requirements, another option for simple security is to
store the security info in the index and utilize a join. This really
only works when you have a single shard since joins aren't
distributed.
# the documents, with permissions
id:doc1, perms:public,...
id:doc2, perms:group1 group2
I'm new to Solr and I'm looking for a document level security filter
solution. Anonymous users searching my application should be able to
find public data. Logged in users should be able to find public data
and private data they have access to.
Earlier today I wrote about shards as a possible solu
