Skip to content

security.earlybinding.user-to-key-mapper (collection.cfg setting)

Description

This setting is used with document level security. It indicates the name of a security plugin which should be used at query time to map a given username into a list of keys which the user can use to unlock documents (usually group or permission names). Possible values are:

  • MasterKey: Special plugin for testing purposes: It will always pass a generic master key that will grant access to every document. Do not use in production!.
  • Meta: For Meta collections with sub-collection using document lvel security. This plugin will delegate the key mapping to the plugin of each sub-collection.
  • Trim2: (For TRIMPush collections) This plugin will connect to the TRIM repository and collect the security credentials of the user (Level, Caveats, ACLs, special bypasses) in a format compatible with TRIMPush collections.
  • Groovy: This plugin will call a Groovy class to retrieve the user keys. See security.earlybinding.user-to-key-mapper.groovy-class (collection.cfg) for more details.
  • Portal : This plugin will retrieve the user keys from an URL parameter named userkeys (e.g. http://server/s/search?collection=...&userkeys=key1,key2). Note that this approach is not secure unless Funnelback can be accessed only through a portal, so that users cannot change the value of the userkeys parameter.
  • ManifoldCF To be used with ManifoldCF enterprise connectors.
  • Sitecore To be used with the Sitecore CMS. security.earlybinding.user-to-key-mapper.sitecore.service_url must be set to the Sitecore webservice endpoint URL used to retrieve the user roles.

Default value

(None)

Examples

Use TRIM specific plugin:

security.earlybinding.user-to-key-mapper=Trim2

top

Funnelback logo
v15.16.0