Hi Manu, I haven't made a custom request handler in a while, but I want to clarify that, if you trust your application code, you don't actually need a custom request handler to do this sort of authentication filtering. At indexing time, you can add a "role" field to each object that you index, as described in the thread. At query time, you could simply have your application code add an appropriate filter query to each Solr request. So, if you're using the standard XML query interface, instead of sending URLs like
http://.../solr/select?q=foo... you can have your application code send URLs like http://.../solr/select?q=foo&fq=role:admin... If I understand the custom request handler approach, then it basically amounts to the same thing as the above; the only difference is that the filter query gets added internally by Solr, rather than at the application level. Sorry if you already understand all this; I'm throwing these comments out just in case. Cheers, Chris On Mon, Jan 12, 2009 at 1:54 AM, Manupriya <manupriya.si...@gmail.com> wrote: > > Hi, > > I am using DIH feature of Solr for indexing a database. I am using Solr > server and it is independent of my web application. I send a http request > for searching and then process the returned result. > > Now we have a requirement that we have to filter the results further based > on security level restrictions? For example, user id abc should not be > allowed to see a particular result. How could we achieve that? > > I > followed,http://www.nabble.com/Restricted-views-of-an-index-td15088750.html#a15090791 > It suggests something like - > "Add a role or access class to each indexed item, then use that in the > queries, probably in a filter specified in a request handler. That keeps > the definition of the filter within Solr. > For example, you can create a request handler named "admin", a field named > "role", and add a filter of "role:admin". " > > I could not follow this solution. Is there any example or resource that > explains how to use custom request handler with filtering? > > Thanks, > Manu > > > > -- > View this message in context: > http://www.nabble.com/Restricting-results-based-on-user-authentication-tp21411449p21411449.html > Sent from the Solr - User mailing list archive at Nabble.com. > >
