Document-level security
To support prefiltering and post-filtering of search results, the search request must provide a user's security context by using the setACLConstraints method on the Query object.
The user's security context is provided as an XML string
as part
of an opaque query term, for example:
Query q = factory.createQuery("IBM"); q.setACLConstraints
("@SecurityContext::'<User's Security Context XML string>'"
You can create the user's security context XML string in two ways:
- By using the identity management API to programmatically create the XML string.
- By using Java™ String
classes to create the
XML string
Use this method only if you cannot build applications with the identity management API.