Connector Framework Service
The Connector Framework Service (CFS) allows secure indexing of documents from IDOL to the Vertica Analytic Database. Access Control Lists determine which users have permissions to access documents. Documents transferred from IDOL are stored in a Flex table (Using Flex Tables).
The dbadmin creates a view from this flex table ( see Views). Users access the IDOL data from these views.
CFS Components
Use the following CFS components to implement the service on the Vertica:
- IDOL document metadata
- Security key and authorization functions
- SQL statement and Security Parameter
- CFS Configuration file
See Implementing CFS
Document Metadata
Vertica Analytic Database stores IDOL document metadata in a flex table. Set the name of the flex table with the TableName parameter in the CFS configuration file (see Modify the CFS Configuration File). The metadata includes the following:
-
AUTONOMYMETADATA (Mandatory)-—An alphanumeric designation for the ACL designated for the document.
- DREFIELD—Assigns permission levels to users and groups for accessing IDOL documents.
- DRETITLE—The document title.
Security Key and Authorization Functions
As the dbadmin user you can assign each user a unique Security Information String (SIS). The strings are encrypted with a key stored in /idol/community/key
. This key uses the following functions:
In addition to the preceding functions, the authorization function IDOL_CHECK_ACL verifies that the user has access to data in the view.
These functions reside in the v_idol schema contained in the idollib
library installed with the CFS. When you run the functions, you must use v_idol in the command, for example:
=> SELECT v_idol.DELETE_COMMUNITY_KEY();
SQL Statement and Security Parameter
As the dbadmin user set the Security Information String for a specific user using:
- ALTER SESSION
- IdolSecurityInfo user-defined session parameter.
CFS Configuration File
You must index IDOL metadata in Vertica Analytic Database to be available for queries. See Implementing CFS