-
Type:
Bug
-
Status: Resolved
-
Priority:
Critical
-
Resolution: Fixed
-
Affects Version/s: 1.5.1
-
Fix Version/s: 1.7.0
-
Component/s: Solr Plugin
-
Labels:None
RealTimeGet just ignores filter queries currently in Solr (see SOLR-8436) which is how document level security is implemented, so if you can guess the document ids, you can access them.
Since we probably don't want to wait for a solr version with SOLR-8436 to be released, we should come up with a temporary work around.
- links to