Security Models Supported

This SQL connector supports all the three types of security models of SES:

1. Public: This enables crawling all the public documents that are accessible to all the users.

SQL connector framework supports the two other important security models: User-Defined or Attribute-based Security model and the Identity-based Security model.

2. User-Defined security model of SES:

In this model, user is allowed to specify a set of attributes in the document query as security attributes of the documents. The crawler should index the values of these attributes as security values of the corresponding document.
The values of security attributes can be retrieved from the Database plug-in for the authorized users. This DB plug-in is packaged with SES and is available out-of-the-box with the product. A document in the resultset of the document query will be visible to the user only if the value of the security attribute matches with the value retrieved by the authorization plug-in. To learn more about Authorization plug -in, refer:

http://st-curriculum.oracle.com/tutorial/SESDevTutorial/index.htm

3. Identity based security model of SES:

Identity based security model secures documents by granting or denying access to the documents for users or groups.

The connector should support specification of users and groups granted or denied access to documents as values of additional attributes EQ_GRANT_USER, EQ_GRANT_GROUP, EQ_DENY_USER, EQ_DENY_GROUP. These attributes can be included in the main document query or in sub-queries.