Overview  Package   Class  Tree  Deprecated  Index  Help 
Oracle Fusion Applications Search Java API Reference for Oracle Enterprise Crawl and Search Framework
11g Release 7 (11.1.7)
E21908-07
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

oracle.ecsf
Interface Securable

public interface Securable

Securable is an interface to be implemented as a seucrity plugin to enforce security rules for a searchable object. To secure a searchable object, developers must create a java class that implements this interface and assign it to the searchable object via ECSF designer interface.

ACE Access Control Entry ACL Access Control List is a list of ACEs

Method Summary
 java.lang.String[] getAcl(SearchContext ctx, IndexableDocument indexableDocument)
          This method is called at crawl time to acquire an ACL for an indexable document.
 java.lang.String[] getSecurableParams()
          This method returns a list of configuration parameter names created for the security plug-in.
 java.lang.String[] getSecureAttrAcl(SearchContext ctx, IndexableDocument document, java.lang.String attributeName)
          This method is called when a document is crawled.
 java.lang.String[] getSecureAttrKeys(SearchContext ctx, java.lang.String attributeName)
          For a searchable object, one can norminate one or more search attributes as a security attribute.
 java.lang.String[] getSecurityKeys(SearchContext ctx)
          Returns an ACL owned by the user, developers must use the defined way to access user object via the context passed by.
 boolean isAclEnabled(SearchContext ctx)
          Tests if this plug-in enables ACL security.
 

Method Detail

isAclEnabled

boolean isAclEnabled(SearchContext ctx)
Tests if this plug-in enables ACL security. If this returns false,

Parameters:
ctx - runtime context.
Returns:
whether ACL is enabled.
See Also:
and #getSecurityKeys method will not be called.

getAcl

java.lang.String[] getAcl(SearchContext ctx,
                          IndexableDocument indexableDocument)
                          throws SearchSecurityException
This method is called at crawl time to acquire an ACL for an indexable document.

For SES, each ACE in an ACL must be either or a combination of the following two:

Parameters:
ctx - the runtime context.
indexableDocument - whose ACL is requested.
Throws:
SearchSecurityException - if the document does not satisfy your security rules. This exception will result the document not being indexed.

getSecurityKeys

java.lang.String[] getSecurityKeys(SearchContext ctx)
                                   throws SearchSecurityException
Returns an ACL owned by the user, developers must use the defined way to access user object via the context passed by. For more details, @see SearchConext.

Parameters:
ctx - the runtime context.
Returns:
List of ACEs for current session user. If the user does not have access the searchable object, return an empty array.
Throws:
SearchSecurityException - if for some reason the context passed to does not satisfy your security rules. This exception will result user not being able to find any results for the searchable object.

getSecureAttrKeys

java.lang.String[] getSecureAttrKeys(SearchContext ctx,
                                     java.lang.String attributeName)
                                     throws SearchSecurityException
For a searchable object, one can norminate one or more search attributes as a security attribute. For each secure attribute, the framework will call this method to acquire an ACL which will be used to write security filters for a search.

Parameters:
ctx - the runtime context.
attributeName - the binding name of the security attribute. In case of a VO attribute, it is the Alias name.
Returns:
a list of ACEs of current user for a given secure attribute. If the user does not have access the searchable object, return an empty array.
Throws:
SearchSecurityException - if failed to obtain security ACEs for the user

getSecureAttrAcl

java.lang.String[] getSecureAttrAcl(SearchContext ctx,
                                    IndexableDocument document,
                                    java.lang.String attributeName)
                                    throws SearchSecurityException
This method is called when a document is crawled. The crawler calls this method to acquire an ACL for the security attribute.

Parameters:
ctx - runtime context.
document - the indexable document whose ACL is requested.
attributeName - the binding name of the security attribute. In case of a VO attribute, it is the Alias name.
Returns:
a list of ACEs of the indexable document for the secure attribute.
Throws:
SearchSecurityException - if failed to obtain the ACL

getSecurableParams

java.lang.String[] getSecurableParams()
                                      throws SearchSecurityException
This method returns a list of configuration parameter names created for the security plug-in.

Returns:
a list of security configuration parameters.
Throws:
SearchSecurityException - if failed to obtain security parameters.
Overview  Package   Class  Tree  Deprecated  Index  Help 
Oracle Fusion Applications Search Java API Reference for Oracle Enterprise Crawl and Search Framework
11g Release 7 (11.1.7)
E21908-07
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2012, 2013 Oracle. All rights reserved.