aspose file tools*
The moose likes Other Open Source Projects and the fly likes Can Lucene be used with a mix of password protected data and nonpassword protected data? Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Java 8 in Action this week in the Java 8 forum!
JavaRanch » Java Forums » Products » Other Open Source Projects
Bookmark "Can Lucene be used with a mix of password protected data and nonpassword protected data?" Watch "Can Lucene be used with a mix of password protected data and nonpassword protected data?" New topic
Author

Can Lucene be used with a mix of password protected data and nonpassword protected data?

Grae Cullen
Greenhorn

Joined: Jan 21, 2010
Posts: 19
Hi,

I guess at first glance it seems like Lucene would return all results from a group of data, even if a particular user was only allowed to view half of the data.

For example, suppose "User A" could view files 1, 5 and 7 and "User B" could view files 1, 2, 3 and 4. If the search term occurs in file 3, will "User A" see that result. Of course, he should not see the result, but since Lucene scans all the files, how does Lucene mark that User A should not see certain files.

Grae
David Newton
Author
Rancher

Joined: Sep 29, 2008
Posts: 12617

It doesn't, but one thing you could do is add an "access" field (or roles, or whatever) and use that as part of your search query.

Lucene has no concept of "users"--it's an index. (Unless that's changed.)
Michael McCandless
author
Greenhorn

Joined: Jul 11, 2010
Posts: 20
Lucene provides the facilities for implementing entitlements, eg providing a Filter to restrict the search results, allowing for security tokens to be directly indexed and then AND'd with the query, etc.

But it's up to your app to tap into these capabilities to implement the security it requires.


Lucene in Action, 2nd Edition
(http://manning.com/lucene)
Gian Franco
blacksmith
Ranch Hand

Joined: Dec 16, 2003
Posts: 975
Hi,

In one project we solved a similar case by
adding an index field containing the String
for managing the access.

In every search a hidden search clause
was added to filter the search results...

Cheers,

Gian


"Eppur si muove!"
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Can Lucene be used with a mix of password protected data and nonpassword protected data?
 
Similar Threads
Maintaining user state in a web application
consistency in jsf pages
Items exposed thru' URL
Trouble synchronizing between Model & View using Hibernate & JSF
Applying pure MVC to Swing/JFC