Set up Security on Documents

You can apply custom security settings to the documents that you index into HPE IDOL Server. To do this, you identify fields in these documents that determine the security settings that are appropriate for each document.

Alternatively, you can specify the security property of a document every time that you index it by sending an additional parameter with the index action.

For more details on the settings that the [Security] section can contain and on how you can configure them, refer to the HPE IDOL Server Reference.

To set up automatic security application for documents

  1. Open the HPE IDOL Server configuration file in a text editor.
  2. In the [Security] section, set the SecurityInfoKeys parameter to specify the security encryption keys to use to encrypt and decrypt the security information used by HPE IDOL Server. You can set the SecurityInfoKeys parameter either to the name of an AES key file (recommended) or to a comma-separated list of four signed 32-bit integers. For information about how to generate a key file with the autpassword command-line tool, see Encrypt Passwords.

    For example:

    [Security]
    SecurityInfoKeys=MyAESKeyFile.ky
  3. In the [Security] section, list the security types that you want to use.

    0=NT
    1=Netware
    2=Notes
    3=Exchange
  4. Create a section for each of the security types you defined (the section must have the same name as the security type). For each section, provide settings that determine how HPE IDOL Server handles that security type. For example:

    [NT]
    SecurityCode=1
    Library=nt_security.dll
    Type=AUTONOMY_SECURITY_V4_NT_MAPPED
    ReferenceField=*/AUTONOMYMETADATA
    
    [Netware]
    SecurityCode=2
    Library=netware_security.dll
    Type=AUTONOMY_SECURITY_NETWARE_MAPPED
    ReferenceField=*/AUTONOMYMETADATA
    
    [Notes]
    SecurityCode=3
    Library=notes_security.dll
    Type=AUTONOMY_SECURITY_V4_NOTES_MAPPED
    ReferenceField=*/AUTONOMYMETADATA
    
    [Exchange]
    SecurityCode=4
    Library=exchange_security.dll
    Type=AUTONOMY_SECURITY_EXCHANGE_MAPPED
    ReferenceField=*/AUTONOMYMETADATA
  5. In the [FieldProcessing] section, set up processes that allow HPE IDOL Server to recognize the security type of documents (unless you send an additional parameter to specify the security property of a document every time you index a document).

    If you use a version 4 security type (for example, AUTONOMY_SECURITY_V4_NOTES_MAPPED), you must include a process that defines how to handle metadata. For example:

    [FieldProcessing]
    0=DetectNT
    1=DetectNetware
    2=DetectNotes
    3=DetectExchange
    4=DefineMetaData
  6. Create a section for each of the processes that you listed, in which you create a property for the process (security properties always point to a defined security type). Identify the field that you want to associate with the processes.

    NOTE:

    The property that you create must not have the same name as the process.

    To identify the fields, use the format /FieldName to match root-level fields, */FieldName to match all fields except root-level, or /Path/FieldName to match fields that the specified path points to.

    You can use the PropertyMatch parameter to identify a specific value that fields must have to be processed.

    For example:

    [DetectNT]
    Property=SetNTProperty
    PropertyFieldCSVs=*/DRESECURITYTYPE
    PropertyMatch=*nt
    
    [DetectNetware]
    Property=SetNetwareProperty
    PropertyFieldCSVs=*/DRESECURITYTYPE
    PropertyMatch=*netware
    
    [DetectNotes]
    Property=SetNotesProperty
    PropertyFieldCSVs=*/DRESECURITYTYPE
    PropertyMatch=*notes
    
    [DetectExchange]
    Property=SetExchangeProperty
    PropertyFieldCSVs=*/DRESECURITYTYPE
    PropertyMatch=*exchange
    
    [DefineMetaData]
    Property=HideMetaData
    PropertyFieldCSVs=*/AUTONOMYMETADATA
  7. Create a section for each of the properties and specify appropriate configuration settings for each property. These configuration parameters define the processes to apply to all the fields (or all documents that contain the fields) that you previously associated with the processes.

    If you use a version 4 security type (for example, AUTONOMY_SECURITY_V4_NOTES_MAPPED), you must set ACLType to True in the section that sets up how HPE IDOL Server handles metadata, to implement optimized security.

    [SetNTProperty]
    SecurityType=NT
    
    [SetNetwareProperty]
    SecurityType=Netware
    
    [SetNotesProperty]
    SecurityType=Notes
    
    [SetExchangeProperty]
    SecurityType=Exchange
    
    [HideMetaData]
    HiddenType=True
    ACLType=True
  8. Save and close the configuration file. Restart HPE IDOL Server for your changes to take effect.

NOTE:

For details of how to ensure security in an HPE IDOL infrastructure, refer to the IDOL Document Security Administration Guide.

TIP:

You can view information about the configured security types in IDOL Server on the Security Types tab on the Status page in the IDOL Admin interface. For more information, refer to the IDOL Admin User Guide.


_HP_HTML5_bannerTitle.htm