Active Directory Security Trimming Stage

An Active Directory Security Trimming query pipeline stage retrieves an Active Directory user’s security identifiers to build a security filter. This restricts the documents in the query result to only those documents for which a user has access permissions. Security trimming is commonly used in business to authenticate between administrative users and normal users, or to limit the site access of website users according to a login/password.

Example Stage Setup

Active Directory Security Trimming query stage setup:

Input
curl -u user:pass -X POST -H 'Content-type: application/json' -d '{"id":"ADSecurity", "type": "active-directory-security-trimming", "server":"ldap://hostname:port","bindName":"ADuser@example.com","bindPassword":"login1"}' http://localhost:8764/api/apollo/query-stages/instances
Output
{
  "type" : "active-directory-security-trimming",
  "id" : "ADSecurity",
  "server" : "ldap://hostname:port",
  "bindName" : "ADuser@example.com",
  "bindPassword" : "login1",
  "enableCache" : true,
  "cacheSize" : 1000,
  "expirationTime" : 3600,
  "skip" : false,
  "label" : "active-directory-security-trimming",
  "type" : "active-directory-security-trimming"
}

Configuration