Task #5822

Feature #5810: Implement SOLR-based search

Enforce access control for SOLR-based search implementation

Added by Brendan Hahn about 8 years ago. Updated almost 8 years ago.

Target version:
Start date:
Due date:
% Done:


Estimated time:
(Total: 0.00 h)


Ensure that search results are filtered for clients access permissions.


Task #5904: Design mechanism to enforce access policyResolvedJing Tao

Task #5905: Implement access control filterResolvedJing Tao


#1 Updated by Brendan Hahn about 8 years ago

Identity token to be added to MetacatIndex query operation and used to filter at the solr interface.

What about non-system-metadata objects?

Enforcing access control may constrain deployment options, as "Solr does not concern itself with security either at the document level or the communication level". The standard solr setup would allow unfiltered access to the index.

#2 Updated by ben leinfelder about 8 years ago

My gut feeling is that simply augmenting the user-provided solr query with additional AND-clauses to constrain to their access level is too fragile. There seems to be way to augemnt the SolrRequestContext using a SolrDispatchFilter ( and this sounds attractive.

It does sound like our SOLR implementation will have to be deployed within the Metacat context in order for us to guarantee that access policies are adhered to.

Can you outline a couple of options in this bug?

#3 Updated by Redmine Admin about 8 years ago

Original Bugzilla ID was 5822

#4 Updated by ben leinfelder about 8 years ago

  • Assignee changed from Brendan Hahn to Jing Tao
  • Subject changed from Access control for SOLR/Lucene search interface to Enforce access control for SOLR-based search implementation

#5 Updated by ben leinfelder almost 8 years ago

  • Parent task set to #5810

#6 Updated by Jing Tao almost 8 years ago

  • Status changed from New to Resolved

Also available in: Atom PDF