Confluence/IDOL/Active Directory Security Connector


Published on

John McGuire, Equion Consulting - London AUG, April 19 2011

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Confluence/IDOL/Active Directory Security Connector

  1. 1. Equion Consulting Confluence/IDOL/Active Directory Security Connector John McGuire 19th April 2011
  2. 2. Background International law firm 1 Confidential documents and information 2 Employees search for and only have access to content which they have authorisation 3 A great deal of documentation and information not available due to access restrictions 4
  3. 3. Systems Integrated Active Directory – Enterprise Wide Authentication Autonomy (IDOL) – Enterprise Search Engine Confluence – Enterprise Collaboration Platform
  4. 4. Content to be searched by IDOL <ul><li>Confluence pages </li></ul><ul><li>Attachments – Word, Excel, PowerPoint, PDF, RTF, etc. </li></ul><ul><li>Blogs/News articles </li></ul><ul><li>Emails </li></ul><ul><li>Personal spaces </li></ul><ul><li>Comments, etc. </li></ul>
  5. 5. Security Issues IDOL search restricted to “public”, non confidential information and documents within Confluence Restricted content in Confluence was not indexed by IDOL and therefore not available through enterprise search
  6. 6. Access Control <ul><li>Confluence – Has a hierarchical permissions structure i.e. people only see the documents and information which they have access rights. </li></ul><ul><li>Autonomy (IDOL) – Has no concept of hierarchy, each document is independent, needing an ACL (Access Control List) comprising the effective permissions. </li></ul>
  7. 7. Technical Challenges Develop solution initially for Confluence 2.7.2 and then 3.x Resolve the issues which existed within Active Directory implementation To take the hierarchical permissions structure from Confluence and apply it to each specific item indexed in IDOL Ensure high performance
  8. 8. Technical Challenges <ul><li>Very complex integration – (Atlassian, Autonomy & Microsoft) </li></ul><ul><li>Technically challenging to implement – high levels of product expertise and software engineering skills required </li></ul><ul><li>Confluence 2.7.2 not supported </li></ul><ul><li>Active Directory presented a number of interesting challenges in the way that it was implemented </li></ul><ul><li>Migration from Development to Production environments </li></ul><ul><li>Performance was an important issue: </li></ul><ul><ul><li>Indexing a lot of content </li></ul></ul><ul><ul><li>Each time there is a search – User and Group lookups in Active Directory </li></ul></ul><ul><li>Not been done before (As far as we could discover) </li></ul>
  9. 9. Custom Confluence Plug-in Maintains the correct access rights Sends content to be indexed by IDOL in real-time i.e. whenever content is created, edited or deleted Extracts all indexable content within Confluence Delivers high performance
  10. 10. Business Benefits Authorised content available – All authorised content can be searched and made available. Correct access rights are maintained. An individual only able to see the content which they are authorised to see. Business productivity – Greatly improved productivity. Able to find documents and information quickly using enterprise search. Real time - New content indexed in real time. Available immediately with the correct access rights Automated process – No manual intervention, unless a full re-index of content is required to be carried out.
  11. 11. What we did <ul><li>Specified the strategy </li></ul><ul><li>Developed and Tested solution in Equion environment </li></ul><ul><li>Migrated solution to client development environment and worked closely with the client’s technical team </li></ul><ul><li>Given the vagaries of the systems, we had to work through a whole series of issues to achieve success on a clustered environment </li></ul>
  12. 12. Current status <ul><li>Plug-in product </li></ul><ul><li>Works with: </li></ul><ul><ul><li>Confluence 2.7.2 – 3.x </li></ul></ul><ul><ul><li>Autonomy IDOL 7 </li></ul></ul><ul><ul><li>Active Directory or LDAP </li></ul></ul><ul><li>Can be rolled out in a few days </li></ul>
  13. 13. Greenhopper – Project management The project tools employed: Jira – Project and issue tracking Bamboo – Continuous integration Fisheye – Code changes Crucible – Code review Can strongly recommend the Atlassian project toolset Project Integration Tools Clover – Testing
  14. 14. Further Information? Contact John McGuire 020 7288 4312 [email_address]