0

I have a requirement to apply some rules to the collection used for searching, and also to the returned docs, based on the userid and/or role of the caller in MongoDB.

I see MongoDB provides support to create one or more users internally and use them for fine-grained access policies for resource access.

Normally, roles and userids are created externally in Active Directory or LDAP, and we use only one userid when connecting to MongoDB from a web app on behalf of all clients.

My question is: is there a way to map these external userids and roles to internal userids, and what is the mechanism to pass the caller/security context info when executing a command/query in MongoDB?

user6594900

1 Answer

0

Did you check out the $redact operator in MongoDB? Perhaps this can help with your requirement. https://docs.mongodb.com/manual/reference/operator/aggregation/redact/

Jbaur
  • Thanks. I feel it is one approach which can be leveraged. But it does put a constraint on the way docs are structured and also maintained. I do not see any support for using that with Spring Data MongoDB. So, I am not sure how I can use it. – user6594900 Apr 15 '17 at 06:47
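
The $redact approach from the answer, as an added example that is not part of the original posts: the web app resolves the caller's roles itself and passes them into the pipeline, since the database only sees the single shared connection user. The `acl` field, the role names, the sample document and the local `applyRedact` model are assumptions made for illustration.

```javascript
// Added example. The "acl" field, role names and sample document are constructed.
// callerRoles must come from the app's own authentication layer (e.g. the
// caller's LDAP/AD groups), never from a value the client can set.
function redactStageFor(callerRoles) {
  return {
    $redact: {
      $cond: {
        if: { $gt: [{ $size: { $setIntersection: ["$acl", callerRoles] } }, 0] },
        then: "$$DESCEND", // keep this level, then check embedded documents
        else: "$$PRUNE",   // drop this level and everything under it
      },
    },
  };
}

const isSubdoc = (v) =>
  v !== null && typeof v === "object" && Object.getPrototypeOf(v) === Object.prototype;

// Local model of what that stage does to one document, so the result can be
// inspected without a server. Returns null where the stage would prune.
function applyRedact(doc, callerRoles) {
  // Every level needs an acl array: the stage's $size rejects a missing field.
  if (!Array.isArray(doc.acl)) throw new Error("level without acl array");
  if (!doc.acl.some((role) => callerRoles.includes(role))) return null;
  const out = {};
  for (const [key, value] of Object.entries(doc)) {
    if (Array.isArray(value)) {
      out[key] = value
        .map((v) => (isSubdoc(v) ? applyRedact(v, callerRoles) : v))
        .filter((v) => v !== null);
    } else if (isSubdoc(value)) {
      const kept = applyRedact(value, callerRoles);
      if (kept !== null) out[key] = kept;
    } else {
      out[key] = value;
    }
  }
  return out;
}

const sample = { // constructed document
  _id: 1, title: "Q3 report", acl: ["staff", "finance"],
  summary: { acl: ["staff"], text: "Revenue up" },
  ledger: [
    { acl: ["finance"], line: "payroll" },
    { acl: ["staff"], line: "travel" },
  ],
};

// With a driver: collection.aggregate([{ $match: {...} }, redactStageFor(roles)])
console.log(JSON.stringify(applyRedact(sample, ["staff"]), null, 2));
```

The stage is a plain document, so any driver that accepts a raw aggregation stage can send it; the structural constraint raised in the comment shows up here as the requirement that every embedded level carries its own `acl` array.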