Securing MarkLogic Server

Fragmentation

The indexer in MarkLogic Server doesn’t know the full path when it works on the child fragments of a parent document, because it indexes the child fragments before it indexes the parent. Because of this, element level security and fragmentation don’t work well together, although fragmentation still works on documents that don’t have any protected elements.

Any new document with matching fragmentation and protected elements will be rejected with either an XDMP-PARENTLINK or an XDMP-FRAGMENTPROTECTEDPATH error. When element level security and fragmentation both apply to an existing document (one already in the database), a reindexing error is thrown and reindexing stops. The user must either remove or fix the matching element level security path or the matching fragmentation element.

For example, if a protected path that ends with baz is added (/foo/bar/baz) and a fragment root is configured for baz, any document containing a baz node (even under a different path, such as /A/B/C/baz) will fail with XDMP-PARENTLINK when the document is inserted or reindexed.
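A pre-deployment check for the conflict described above can be run over the configured paths and fragment roots. This is an added example, not MarkLogic code. It assumes the protected path expressions and fragment root names have been exported as plain string arrays (constructed here), and the function names are hypothetical.

```javascript
// Constructed sample configuration (not taken from a real database).
const protectedPaths = ["/foo/bar/baz", "/order/customer/ssn[@type='us']", "//p:secret", "/a/b/@id"];
const fragmentRoots = ["baz", "chapter", "secret"];

// Return the element local name of the final step of a path expression, or
// null when the final step is not a plain element name (attribute, wildcard,
// node test). Does not handle "]" inside quoted predicate strings.
function lastStepLocalName(pathExpression) {
  // Drop predicates first so a "/" or ":" inside them cannot confuse the split.
  let stripped = "";
  let depth = 0;
  for (const ch of pathExpression.trim()) {
    if (ch === "[") depth++;
    else if (ch === "]") depth = Math.max(0, depth - 1);
    else if (depth === 0) stripped += ch;
  }
  const steps = stripped.split("/").filter((s) => s.length > 0);
  if (steps.length === 0) return null;
  let step = steps[steps.length - 1].trim();
  if (step.startsWith("child::")) step = step.slice("child::".length);
  if (step.startsWith("@") || step.includes("::") || step.includes("(") || step.includes("*")) return null;
  const colon = step.indexOf(":");
  return colon === -1 ? step : step.slice(colon + 1);
}

// Flag every protected path whose last step names a configured fragment root.
// Assumption: names are compared by local name only, so elements that differ
// only by namespace are reported too and need a manual look.
function findConflicts(paths, roots) {
  const rootNames = new Set(roots);
  const conflicts = [];
  for (const path of paths) {
    const name = lastStepLocalName(path);
    if (name !== null && rootNames.has(name)) {
      conflicts.push({ protectedPath: path, fragmentRoot: name });
    }
  }
  return conflicts;
}

for (const c of findConflicts(protectedPaths, fragmentRoots)) {
  console.log(`conflict: protected path ${c.protectedPath} ends in fragment root "${c.fragmentRoot}"`);
}
```

Each reported pair has to be resolved by changing either the protected path or the fragment root before documents containing that element are inserted or reindexed.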