security.earlybinding.user-to-key-mapper
Selected security plugin for translating usernames into lists of document keys.
Key: security.earlybinding.user-to-key-mapper
Type: UserToKeyMapperTypes
allowed values: MasterKey
, Meta
, Trim
, Trim2
, Groovy
, Portal
, ManifoldCF
, ManifoldCFDebug
, Sitecore
or Moodle
Can be set in: collection.cfg
Description
This setting is used with document level security. It indicates the name of a security plugin which should be used at query time to map a given username into a list of keys which the user can use to unlock documents (usually group or permission names). Possible values are:
-
MasterKey
: Special plugin for testing purposes: It will always pass a generic master key that will grant access to every document. Do not use in production!. -
Meta
: For Meta collections with sub-collection using document level security. This plugin will delegate the key mapping to the plugin of each sub-collection. -
Trim
: Deprecated. -
Trim2
: (For TRIMPush data sources) This plugin will connect to the TRIM repository and collect the security credentials of the user (Level, Caveats, ACLs, special bypasses) in a format compatible with TRIMPush collections. -
Groovy
: This plugin will call a Groovy class to retrieve the user keys. See security.earlybinding.user-to-key-mapper.groovy-class (collection.cfg) for more details. -
Portal
: This plugin will retrieve the user keys from an URL parameter nameduserkeys
(e.g. http://server/s/search?collection=…&userkeys=key1,key2). Note that this approach is not secure unless Funnelback can be accessed only through a portal, so that users cannot change the value of theuserkeys
parameter. -
ManifoldCF
: To be used with ManifoldCF enterprise connectors. -
ManifoldCFDebug
: A insecure plugin for debugging only. -
Sitecore
To be used with the Sitecore CMS.security.earlybinding.user-to-key-mapper.sitecore.service_url
must be set to the Sitecore webservice endpoint URL used to retrieve the user roles.