Thanks for replying, Alex. At the moment, my requirement is to show public/published documents as well as unpublished documents based on the user issuing the query. Or just the user's documents, with no public documents. I've implemented this with a JOIN and my last post on this is here: http://lucene.472066.n3.nabble.com/Solr-JOIN-keeping-permission-data-out-of-primary-documents-td4169739.html
I haven't played with Shield either. Maybe ManifoldCF is equivalent? I took a quick look at ManifoldCF a couple years ago and it seemed complicated. The JOIN approach seemed easier to implement, but I don't love having to keep what I'll call "primary" documents (useful content) in sync with what I'll call "permission" documents (to JOIN against). Please see the post above for what I'm up to. It works but I don't love it. The marketing material for Shield seems nice. The docs seem nice. As a solution for document level security, it seems to be more "on rails" or "ready out of the box" than anything I've seen out of the Solr world. (I understand that experts can roll their own Solr solution.) The post I originally linked simply reminded me of Shield's existence and got me wondering if the Solr team is working on something like Shield. Shield seems to take the mystery out of document level security. It seems well documented and straighforward. But again, I haven't actually played with it yet. Besides, it requires a license. Phil On Thu, Feb 4, 2016 at 8:51 PM, Alexandre Rafalovitch <arafa...@gmail.com> wrote: > I have not used Shield yet, so this is based just on the document you sent. > > I would use different Request Handler endpoints for different users > and put the restrictions there, in the invariants section. > > For field restrictions, I would use 'uf' parameter. As for example > here (from my old book): > > https://github.com/arafalov/solr-indexing-book/blob/master/published/languages/conf/solrconfig.xml#L24 > > For document restrictions, it just seems like an extra 'fq' query to > filter out the documents. Or a post-filter. > > The only question is how to route to the relevant endpoint and that > can be done in the middle-ware or possibly by one of the plugin > components for Solr. Or use ManifoldCF, as per the wiki page on the > topic: https://wiki.apache.org/solr/SolrSecurity#Document_Level_Security > > Does this fulfill your requirements? > > Regards, > Alex. > ---- > Newsletter and resources for Solr beginners and intermediates: > http://www.solr-start.com/ > > > On 5 February 2016 at 12:08, Philip Durbin <philip_dur...@harvard.edu> > wrote: > > Does Solr have anything like this? > > > > https://www.elastic.co/blog/securing-fields-and-documents-with-shield > > > > Or is it on the roadmap? > -- Philip Durbin Software Developer for http://dataverse.org http://www.iq.harvard.edu/people/philip-durbin
