Introduction

Connectors perform the following tasks that are related to security:

  • Connectors extract the access controls that are applied to items in a repository and add an access control list (ACL) to each document. The ACL is usually a list of users and groups who are granted or denied read access to an item. Some connectors add more than one ACL to each document, for example one ACL for read access and another for write access. ACLs are indexed along with the rest of the document metadata and should be identified as ACL fields by your Content component configuration.
  • Connectors add a field to each document to identify the security type. Different data repositories can have different rules for granting or denying access. For example, if a user is explicitly granted access to a document but is also a member of a group that is denied access, should they be permitted to read the document or not? Your Content component must know which security type applies to a document so that it can process the ACL correctly (in the same way as the original data repository would).
  • For some repositories, connectors extract group information. Connectors usually extract group information in cases where the repository uses its own system for storing users and groups. OmniGroupServer can extract group information from LDAP directories, Azure Active Directory, Google Directory, and other standard systems.