Has anyone here had to deal with entity object security with Elastic
What I mean by "entity object security" is that the entity the Document
represents is not readable by everyone who may be searching the Elastic
Search database. It would be nice if there was a way that Elastic Search
had some notion of document security or is this something I would have to
build into the document representing the entity.
Here is a more specific scenario:
I perform a query against Elastic Search for a specific page and size. I
get the results and translate the results into domain objects. I then
check if the user who is about to see these results has the ability to see
each domain object and if not remove it. The problem with this solution is
that it removes results from the page after the query and could result in a
page with no results. Is there a way to integrate user level security into
I realize this question is somewhat broad. Any suggestions are appreciated.
You received this message because you are subscribed to the Google Groups "elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email to firstname.lastname@example.org.
To view this discussion on the web visit https://groups.google.com/d/msgid/elasticsearch/2ec71eba-7451-4c34-9b69-7e4357d3adb7%40googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.