Oracle Endeca Information Discovery Integrator: Security Guide for Integrator · Version 3.0.0 · May 2013
Copyright © 2003, 2013, Oracle and/or its affiliates. All rights reserved.
The IAS Server supports the Endeca Access Control System, which you can use to make your front-end Endeca application secure. This topic explains the details involved in making your Endeca application secure based on the ACL properties generated from your CMS repository.
The IAS Server tags each record with access control list (ACL) properties that it generates. The generated ACL properties are based on the corresponding properties for each entry in the CMS repository. In other words, the ACL properties generated by a crawl are based on ACL properties created by your CMS repository.
You can use manipulators to transform the generated ACL properties into the format for ACLs that is used by the Endeca Access Control System. You can then use the modified properties in conjunction with security login modules to limit access to records based on user or group login profiles. For details on using the Endeca Access Control System, see the Endeca Security Guide.
Typically, the generated ACL properties, since they are based on the ACL information specific to a repository, can apply to either users or groups. If they apply to groups, the code for the Endeca front-end application has to map users to their corresponding groups.
Oracle Endeca Information Discovery Integrator: Security Guide for Integrator · Version 3.0.0 · May 2013
Copyright © 2003, 2013, Oracle and/or its affiliates. All rights reserved.