My customer has indexed data that inadvertently contains clear-text passwords in it.
There are folks who need to be able to search that data, but aren't privileged enough to have access to see those passwords.
I've put a SEDCMD command in props.conf to obfuscate the password for future events. What I would like to do is create an app with a forms-based search that will run rex with every search and use its sed functionality to strip out the passwords on historical events.
If I grant the user's role access to the index, then they'll be able to see those passwords when they are outside of the app. Is it possible to restrict a role to only being able to search an index from a particular app? Could I do that by setting the app permissions to "this app only" and then put an authentication.conf file in the app that assigns the unprivileged AD group a role that is allowed to search the index?
Thx.
↧
