Hi, If you have more than a few thousand documents you'll want to let Solr do the security filtering. It is just like any other filter, which removes documents the user has no right to see. In order to do this you'll need to add a few fields to your schema and modify your indexer application so that it also indexes ACL terms with the documents. Say each archive document has a list of groups and userids that are entitled to see it. Then index all those as terms in an acl_allow field. When searching, retrieve the userId and list of group permissions for the logged-in user and construct a filter (fq) with those. Then Solr will do all the filtering for you.
It is not difficult to roll your own filtering if you only have one data source and you control the indexing and search application. However, if you have multiple repositories and complex ACLs, have a look at ManifoldCF (https://manifoldcf.apache.org) which is a framework that can both crawl multiple repos with ACLs and it also has a Solr plugin available for applying the filter.: https://www.slideshare.net/francelabs/integrate-manifoldcf-with-solr -- Jan Høydahl, search solution architect Cominvent AS - www.cominvent.com > 4. sep. 2018 kl. 06:05 skrev 尹官群 <guanqun...@qq.com>: > > Hi , > > > Currently I have integrated solr into my project, but I meet with some > problems. > our project is a archives management system and different user have access to > different documents, therefor, we have two way to filter the permissions. > 1. we can get all the documents from solr which match the search conditions, > then do the paging by coding, while solr is paging default as 10 docs per > request, then we have to search for twice(first time get the numfound, second > times get all the docs.), by this way, the time consumed will be large and > will increase geometricly when more documents are add in. > 2. we can use the default paging provided by solr and also filter the > permissions by adding all the reachable documents into the searching request. > By this way, another problems arose and that is what if the numer of > documents one user can reach increased to be larger than the max Boolean > Clauses, then the error will occur in solr. And I think in this way, the > cache of solr will not work fine > > > So about this problem, I want to ask if there is a better way? > > > Regards > guanqunyin
