topic Re: Restrict REST access to a specific index in Getting Data In

Restrict REST access to a specific index

rmorlen — Wed, 24 Oct 2012 20:38:21 GMT

We have defined a role:

[role_rest_role]

importRoles = can_delete;user

rtSrchJobsQuota = 0

srchDiskQuota = 0

srchIndexesAllowed = indexA

srchIndexesDefault = indexA

srchJobsQuota = 0

We have created a local user that has this role. The problem is that doing a search using REST the user has access to index=main. Since this user "can_delete" we really want to restrict their access to a specific index.

Any ideas?

Re: Restrict REST access to a specific index

Ayn — Wed, 24 Oct 2012 20:50:03 GMT

It inherits the user role - doesn't this role have access to index main? If so, you need to remove this inheritance.

Re: Restrict REST access to a specific index

rmorlen — Thu, 25 Oct 2012 13:54:19 GMT

I suspected this. Trying this today. I will post a response on the results.

Thanks.

Re: Restrict REST access to a specific index

rmorlen — Thu, 25 Oct 2012 13:58:47 GMT

Yes, this appears to have been the problem.

Thanks.