beautypg.com

Per-url acls and acl inheritance, Specifying per-url acls – Google Search Appliance Feeds Protocol Developers Guide User Manual

Page 15

background image

Google Search Appliance: Feeds Protocol Developer’s Guide

15

Per-URL ACLs and ACL Inheritance

A per-URL ACL (access control list) has only a single URL associated with it. You can use feeds to add per-
URL ACLs to the search appliance index. To specify a per-URL ACL, use the acl element, as described in
“Specifying Per-URL ACLs” on page 15.

ACL information can be applied to groups of documents through inheritance. To specify ACL
inheritance, use the attributes described in “Specifying ACL Inheritance” on page 17.

After you feed a per-URL ACL to the search appliance, the ACL and its inheritance chain appear on the
Index > Index Diagnostics page.

For compatibility with feeds developed before software release 7.0, the search appliance supports the
legacy format for specifying per-URL ACLs in feeds (deprecated). For more information, see “Legacy
Metadata Format (Deprecated)” on page 19.

Take note that Google Search Appliance connectors, release 3.0, do not support feeding ACLs by using
the legacy approach. They only support the approach documented in this section. If you update a search
appliance to release 7.0 from an earlier release, re-crawling content is required.

The search appliance also supports other methods of adding per-URL ACLs to the index. For more
information, see “Methods for Adding ACLs to the Index” in Managing Search for Controlled-Access
Content.

You cannot use feeds to supply policy ACLs for prefix patterns or general URL patterns. To add policy
ACLs for prefix patterns or general URL patterns, use either of the following methods:

The Search > Secure Search > Policy ACLs page in the Admin Console

For more information see Admin Console Help for this page.

Policy ACL API

For information about this API, see Policy ACL API Developer’s Guide.

Specifying Per-URL ACLs

You can include a per-URL ACL in a feed by specifying a document, the principal (group or user), its
access to the document, and ACL inheritance information.

acl

Element

To specify all ACL information, including principals and inheritance, use the acl element. An acl
element can have the following attributes:

url

inheritance-type

inherit-from

The acl element can be the child of either a group or record element. For more information, see
“Approaches to Using the acl Element” on page 18. The acl element is the parent of the principal
element. For sample code, see “Example Feed with an acl Element” on page 18.

url

Attribute

The url attribute directly associates the ACL with a URL. This attribute allows specifying ACLs for
entities, such as folders and shares, without incrementing document count. For information about the
inheritance-type and inherit-from attributes, see “Specifying ACL Inheritance” on page 17.

See also other documents in the category Google Software: