Skip to main content

Notice: This Wiki is now read only and edits are no longer possible. Please see: https://gitlab.eclipse.org/eclipsefdn/helpdesk/-/wikis/Wiki-shutdown-plan for the plan.

Jump to: navigation, search

SMILA/Documentation/2011.Simplification/org.eclipse.smila.security.processing.SampleSecurityConverter

< SMILA‎ | Documentation‎ | 2011.Simplification
Revision as of 07:32, 25 February 2011 by Unnamed Poltroon (Talk) (Description)

org.eclipse.smila.security.processing.SampleSecurityConverter

Description

This is a sample pipelet that converts security annotations into

  • attributes with literals to allow indexing in Lucene
  • a filter annotation used in a query to restrict the results to the users that have READ access

The pipelet uses the service a org.eclipse.smila.security.SecurityResolver, which is used to resolve groups and user names. If no SecurityResolver is available the configuration options are ignored an the security annotations are just converted into attribute values, keeping the original values without any modifications.

Annotations

The SampleSecurityConverter uses the Annotation org.eclipse.smila.security.processing.SampleSecurityConverter on records to decide how to handle a record. It supports the following required named values.

Name Value Description
executionMode INDEX or SEARCH INDEX - the service is used for indexing security annotations, SEARCH - the service is used during search for filtering with security annotations

Configuration

Property Type Description
readUsersAttributeName String the name of the attribute to store the users with READ access rights in. This attribute can then be indexed by Lucene.
resolveGroups Boolean a boolean flag if to resolve groups to their user principals (true) or not (false)
resolveUserNames Boolean a boolean flag if to resolve user names and replace them with the value described by resolvedUserNamePropertyName (true) or not (false)
resolvedUserNamePropertyName String the name of an LDAP property to use instead of the user/group principal (e.g. a display name). Only used if resolveUserNames is true

Example

PipeletConfiguration for SampleSecurityConverter 

<extensionActivity>
    <proc:invokePipelet name="sample securityConverter">
        <proc:pipelet class="org.eclipse.smila.security.processing.SampleSecurityConverter" />
        <proc:variables input="request" output="request" />
        <proc:PipeletConfiguration>
          <proc:Property name="readUsersAttributeName" type="java.lang.String">
            <proc:Value>ReadUsers</proc:Value>
          </proc:Property>
          <proc:Property name="resolveGroups" type="java.lang.Boolean">
            <proc:Value>true</proc:Value>
          </proc:Property>
          <proc:Property name="resolveUserNames" type="java.lang.Boolean">
            <proc:Value>true</proc:Value>
          </proc:Property>
          <proc:Property name="resolvedUserNamePropertyName" type="java.lang.String">
            <proc:Value>displayName</proc:Value>
          </proc:Property>	
        </proc:PipeletConfiguration>
    </proc:invokePipelet>
</extensionActivity>
Retrieved from "https://wiki.eclipse.org/index.php?title=SMILA/Documentation/2011.Simplification/org.eclipse.smila.security.processing.SampleSecurityConverter&oldid=240045"

Back to the top