需要OLS(Oracle标签安全性)时的Lucene / Solr安全性
[英]Lucene / Solr security when OLS (Oracle Label Security) is required
问题描述
This is going to be a bit open-ended initially. 
最初这将是开放式的。 My team has a requirement to utilize Oracle Label Security (OLS). 我的团队要求使用Oracle标签安全性(OLS)。 Because we would like to enable "fast" search capabilities (Solr/Lucene) how can we correctly retrieve data that is cached (Lucene/ Solr) based on the OLS policy in place? 因为我们想启用“快速”搜索功能(Solr / Lucene),我们如何才能根据现有的OLS策略正确检索缓存的数据(Lucene / Solr)?
1 个解决方案
解决方案1
1 2014-02-16 16:13:10
One way you can use external systems like your OLS is Solr's PostFilter interface . 可以使用OLS等外部系统的一种方法是Solr的PostFilter接口 。 A very good write up how to do use this has been published in the article Custom security filtering in Solr by Erik Hatcher. Erik Hatcher 在Solr中的“ 自定义安全筛选”中发表了一篇很好的关于如何使用它的文章。
Basically you have a hook after all search and filtering has been done. 基本上,在完成所有搜索和过滤之后,您便有了一个钩子。 There you can open a connection to your database and filter the search results according to the user's access rights. 在那里,您可以打开与数据库的连接,并根据用户的访问权限过滤搜索结果。
To speed this up, you should consider to place some security relevant artifacts into you index, which you then include as ordinary filter. 为了加快速度,您应该考虑将一些与安全性相关的工件放入索引中,然后将其作为普通过滤器包括在内。 That way you can do a pre-filtering, so that you do not overwhelm the PostFilter. 这样,您可以进行预过滤,以免淹没PostFilter。
Currently there is nothing pre-build by the community, but you could kick-off something on GitHub. 当前社区没有任何预构建,但是您可以在GitHub上启动一些工作。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.