security.earlybinding.locks-keys-matcher.name

Name of security plugin library that matches user keys with document locks at query time

Key: security.earlybinding.locks-keys-matcher.name
Type: String
Can be set in: collection.cfg

Description

This option is used with early-binding security. It’s the name of the security plugin library that will be used to match user keys with document lock strings, at query time.

The default matching algorithm is to check that the document lock string contains at least one of the user keys. Some repositories have more complex security models and require a specific security plugin that embeds the matching logic.

Possible values are:

  • secBoolExpr: For evaluating lock strings that are boolean expressions see secBoolExpr

  • secTrim: for TRIM data sources

  • NtfsDls: For NTFS file system data sources

These security plugins should reside in $SEARCH_HOME/lib/plugins.

Default Value

(None)

Examples

For a security plugin library with filename lib/plugins/libexamplePlugin.so (Linux) or lib\plugins\libexamplePlugin.dll (Windows)

security.earlybinding.locks-keys-matcher.name=examplePlugin

Note that the lib prefix must be removed as well as the file extension.

⚠ Caveats

Each component of a search package will use / inherit the security plugin defined in the search package configuration. However, this can be overridden on a per-data source basis by setting this parameter to a different value in the component data source configuration.