Why Learn It?

Query-time Authorization API

previous|next

In this sub-module, you will learn about the Query-time Authorization API.

The representatives of the HR department of Oracle Corporation have created some protected sources. At search time, they want to validate every document fetched out of the Oracle SES repository belonging to the protected source.

To handle this request, Timothy studies the Query-time Authorization API.

Query-time authorization allows an Oracle Secure Enterprise Search (SES) administrator to associate a Java class with a source that will, at search time, validate every document fetched out of the Oracle SES repository belonging to the protected source, as requested by the users. The filter class can dynamically check access rights to make sure that the current search user has the credentials to view each document. This authorization model can be applied to any source other than self service or federated sources.

Timothy uses the QTA API to resolve the issue.