security.earlybinding.locks-keys-matcher.name

Background

This option is used with early-binding security. It’s the name of the security plugin library that will be used to match user keys with document lock strings, at query time.

The default matching algorithm is to check that the document lock string contains at least one of the user keys. Some repositories have more complex security models and require a specific security plugin that embeds the matching logic.

Possible values are:

  • secBoolExpr: For evaluating lock strings that are boolean expressions see secBoolExpr

  • secTrim: for TRIM data sources

  • NtfsDls: For NTFS file system data sources

These security plugins should reside in $SEARCH_HOME/lib/plugins.

Setting the key

Set this configuration key in the search package or data source configuration.

Use the configuration key editor to add or edit the security.earlybinding.locks-keys-matcher.name key, and set the value. This can be set to any valid String value.

Default value

(None)

Examples

For a security plugin library with filename lib/plugins/libexamplePlugin.so (Linux) or lib\plugins\libexamplePlugin.dll (Windows)

security.earlybinding.locks-keys-matcher.name=examplePlugin

Note that the lib prefix must be removed as well as the file extension.

Notes

Each component of a search package will use / inherit the security plugin defined in the search package configuration. However, this can be overridden on a per-data source basis by setting this parameter to a different value in the component data source configuration.