Skip to main content.
home | support | download

Back to List Archive

Re: Swish-e and authorisation-based document access

From: Peter Karman <peter(at)>
Date: Thu Oct 19 2006 - 18:26:21 GMT
Oebe Rombout scribbled on 10/19/06 10:40 AM:
> Hey,
> I'm trying to find out if Swish-e is compatible with the rights-based 
> document access that I use in a website.
> The website works as following:
> A user can login at the website. Depending on his role/rights he sees a 
> large list of documents.
> This list is generated from the database, where the document filename, 
> -location and content-type is stored. When you want to download a 
> document, you click a link like /download.php?id=3002. This file 
> (download.php) checks if the user is authorised to see/downlaod the 
> document, reads its data from a location higher than the webdir and 
> outputs it with the necessary headers.
> The location of the documents is NOT direct reachable via http:// and 
> the files are renamed to i.e. 3002.dat. When outputted by 
> download-document it get it's original filename back.

You could certainly do this kind of thing with Swish-e. You'd have to write 
something for -S prog that knows how to flag each document with the appropriate 
roles/rights, and then construct your searches to add the appropriate 'and 
role=foo' stuff to each query.

Swish-e just indexes and retrieves documents. With MetaNames you can add some 
intelligence about word context, but you'd have to construct all the business 
intelligence around the index yourself.

Peter Karman  .  .  peter(at)
Received on Thu Oct 19 11:26:26 2006