Handling authentication in Lucene
(topic: search engine)
I'm at the point with this search engine where I want to get onto the most important part: making it respect access controls. This is the main reason for this project -- it's trivial to get ht://Dig running to search a site, but it has to search the whole site, and it will show search results on all pages, not just those that the current user is allowed to see.
ht://Dig lets you pass it a callback to tell it whether to exclude a URL or not, so hooking this sort of thing in isn't all that difficult. (The hardest bit was getting it to play nicely with the rest of the Python app it was running inside).
Lucene doesn't appear to do that, but it does let me extend its query system, so perhaps I can make authentication part of the query. Let's see ...
... more like this: [blog search, lucene]
I'm at the point with this search engine where I want to get onto the most important part: making it respect access controls. This is the main reason for this project -- it's trivial to get ht://Dig running to search a site, but it has to search the whole site, and it will show search results on all pages, not just those that the current user is allowed to see.
ht://Dig lets you pass it a callback to tell it whether to exclude a URL or not, so hooking this sort of thing in isn't all that difficult. (The hardest bit was getting it to play nicely with the rest of the Python app it was running inside).
Lucene doesn't appear to do that, but it does let me extend its query system, so perhaps I can make authentication part of the query. Let's see ...