Newer Versions

v2.1
v2.0

Older Versions

v1.6
v1.7

LucidWorks Enterprise v1.8

Support Resources

LucidWorks Forum
KnowledgeBase

This is the documentation for LucidWorks Enterprise v1.8. The most current release is v2.1.

Skip to end of metadata
Go to start of metadata

Generally, enterprise-level application designers must take into account four main security considerations for any search application:

  • Network access to the various components of the service
  • Authentication of users
  • Authorization to use various parts of the user interface
  • Authorization to view certain documents

LucidWorks Enterprise implements security for each of these as follows:

Network access: Because the components of LucidWorks Enterprise (LWE-Core, Admin UI, Search UI, and Alerts) run on different ports, an administrator can easily secure individual components at the network level by restricting access to the port in question. For example, if only the Admin and Search UI services need to be accessible outside the production network, an administrator can leave those ports can be open while blocking LWE-Core and Alerts ports can be easily blocked. The chapter Securing LucidWorks Enterprise describes this process in more detail. Note that if you are using LucidWorks Enterprise's document authorization features, this step is particularly important, as direct access to the underlying Solr application can circumvent these measures.

User authentication: LucidWorks Enterprise supports LDAP binding for user authentication, so an administrator can create roles or groups on an external LDAP server, then use them within LWE to control access to UI functionality or sets of documents. The chapter LDAP Integration describes how to configure LDAP for LucidWorks Enterprise.

UI authorization: LucidWorks Enterprise controls access to the Admin UI, the Search UI, and Alerts. The chapter System Configuration discusses how to use the Admin UI to configure these access levels in order to give different LDAP users and groups authorization to use each of these different functions.

Document authorization: LucidWorks Enterprise allows the administrator to configure document filters for different roles. These document filters then limit what documents appear in search results for users in those roles. For example, the administrator can create a filter that enables users in the finance role to see only documents that satisfy a query of department:finance. You can find instructions for creating these filters in the chapter Using Search Filters for Document Access Control. LucidWorks Enterprise also enables the creation of document-based filtering, in which only the owner (or owners) of a document are able to see it. The section Restricting Access to Content describes how to set up your documents to support this functionality.

Enter labels to add to this page:
Please wait 
Looking for a label? Just start typing.