System Architecture

To configure custom mapped security, you must set up the following components:

The connector retrieves information from your data repository and sends it to CFS so that it can be indexed it into IDOL server. The connector adds an encrypted ACL to each document. The ACL is in a custom format.

When IDOL receives a query, it sends the user's securityinfo token and the result documents to the Generic Security Module, part of the Mapped Security Plug-in. The Generic Security Module determines whether a user is allowed to see documents retrieved as query results. The structure of the ACL and the sequence of security checks that the Generic Security Module must perform are specified by configuration parameters in the IDOL Server configuration file.