Configure IDOL Server

This section describes the configuration changes that are required in IDOL Server to enable mapped security for documents that originate from Slack. For more information about configuring mapped security in IDOL Server, refer to the IDOL Document Security Administration Guide.

Content Component

The first requirement is to add a field processing rule so that the IDOL Content component can determine whether a document is protected by Slack security. Field processing rules are configured in the [FieldProcessing] section of the Content component configuration file.

The following example instructs the Content component to search for a field named SECURITYTYPE and check for the value SLACK. You should have configured your Slack Connector to add this field to every document (see Retrieve and Index Access Control Lists).

[FieldProcessing]
...
29=DetectSecurity_Slack

[DetectSecurity_Slack]
Property=SecuritySlack
PropertyFieldCSVs=*/SECURITYTYPE
PropertyMatch=SLACK

[SecuritySlack]
SecurityType=Slack_V4

The SecurityType configuration parameter provides a name for the Slack security type. This can be any string but you must use the same value in several other places, as described below.

After the Content component has determined that a document is protected by Slack security, it must process the ACL that the Slack Connector has added to the document in the AUTONOMYMETADATA field.

To process ACLs added to documents by the Slack Connector, configure NT security (Type=AUTONOMY_SECURITY_V4_NT_MAPPED). Document security is configured in the [Security] section of the Content component configuration file. Create a new section with the same name that you specified with the SecurityType configuration parameter, above.

[Security]
...
6=Slack_V4

[Slack_V4]
SecurityCode=6
Library=C:\HPE\IDOLServer/content/modules/mapped_security
Type=AUTONOMY_SECURITY_V4_NT_MAPPED
ReferenceField=*/AUTONOMYMETADATA

Community Component

The final requirement is to configure user security so that when a user logs on to a front-end application, IDOL Server can return a security token that includes their group memberships. User security is configured in the [Security] section of the Community component configuration file.

Add a new section for Slack, similar to the following example:

[Security]
7=Slack

[Slack]
DocumentSecurity=TRUE
DocumentSecurityType=Slack_V4
GroupServerHost=localhost
GroupServerPort=3057
GroupServerRepository=Slack
SecurityFieldCSVs=username
CaseSensitiveUserNames=FALSE
CaseSensitiveGroupNames=FALSE

The value of the DocumentSecurityType parameter must match the value you set for the parameter SecurityType in the Content component configuration file.

The GroupServerHost and GroupServerPort parameters should specify the host name or IP address, and ACI port, of your OmniGroupServer. The GroupServerRepository parameter should specify the name of the repository that you created when you configured OmniGroupServer (see Retrieve User and Group Information).