Our team is currently using Solr as the basis for our search solution, and we are currently exploring some security limitations. We are currently studying various levels of security that may cover:
1) Dataset / base level security: the entire index is blocked from access for unauthorized users.
2) Field level security: certain fields are blocked from access.
3) Document level security: certain documents are blocked from access.
So far, my research has shown that most people have implemented URL-based protection for Solr, but no one seems to have experience with finer security, as described above. Our current use case is in the cost analysis market, where access to data sets should be strictly controlled at different levels of detail.
Based on what we have found so far, our questions are:
1) Can Solr be expanded to transparently handle these security levels? Or should we control all of this in our search application? 2) Are there any extensions or packages that already do something similar?
Thanks in advance for your help!
rod82 source share