Open topic with navigation
You can set up security for a third-party interface, and use IDOL Server to ensure that result documents are displayed only to people who have the appropriate privileges.
To set up security for a third-party interface
In the IDOL Server configuration file, create the user security types for the repositories from which data is indexed (see Configure User Security). If you want IDOL Server to perform authentication, you must include a security type that specifies the security library that IDOL Server uses for authentication.
In the front-end application, define the user’s security details for the user security types you have set up in IDOL server. You can do this by creating the user in IDOL Server using the
UserAdd action, and specifying the user’s security details for the repositories. For example:
&UserName=JSmith &Password=secret123 &SecurityNTUserusername=JohnS &SecurityNTUserDomain=MyCompany
This defines a user whose
autonomy user name and password are
secret123, and whose user name and domain in the repository for which the
NTUser section sets up security are
Refer to the IDOL Server Reference for full details of how to use actions to define and edit users in IDOL Server.
When a user logs on to the system, your front-end application must communicate with IDOL Server to retrieve an encrypted string that contains the user’s security details for your repositories.
UserRead action to IDOL Server, with the
SecurityInfo action parameter set to
true. You must include the user’s user name and password for the repository that IDOL Server authenticates against. You must also include the domain if you are authenticating against an NT repository. For example:
http://localhost:9000/action=UserRead &UserName=JSmith &Password=secret123 &SecurityInfo=true
CheckEntitlement configuration parameter is set to
true, the user is also implicitly authenticated before the
securityinfo string is returned.
IDOL Server returns XML details of the user’s settings, including an encrypted security string that includes the details for all the repositories for which you have set up IDOL Server user security types.
Configure the front-end application to specify the encrypted security string returned in Step 3 as the value of the
SecurityInfo parameter when the front-end application sends queries to IDOL Server (for example, using the
http://localhost:9000/action=Query &Text=accounts &SecurityInfo=encrypted_string
Query IDOL Server with Security Information includes an example of how to use the
Refer to the IDOL Server Reference for full details of the actions that you can send to IDOL Server.
Instead of sending actions to generate the security string in the steps outlined above, you can use the ACI API to create the encrypted strings. For more information, refer to the ACI API Programming Guide.
Actions issued through a browser must be percent encoded to allow unreserved alphanumeric characters. For example, the user name
us\jsmith is a valid format for IAS, but an action issued through a browser to IDOL server must percent-encode the unreserved URL character: