Feeding groups to the search appliance, Designing an xml groups feed – Google Search Appliance Feeds Protocol Developers Guide User Manual
Page 21
Google Search Appliance: Feeds Protocol Developer’s Guide
21
Feeding Groups to the Search Appliance
The search appliance can experience increased latency when establishing a user’s identity and the
groups that it belongs to. You can dramatically reduce the latency for group resolution by periodically
feeding groups information to the search appliance. When the groups information is on the search
appliance, it is available in the security manager for resolving groups at authentication time.
Consequently, the information works for all authorization mechanisms.
Take note that the cumulative number of group members on the search appliance cannot exceed three
million.
To feed groups to the search appliance, start by:
•
•
Designing an XML Groups Feed
The XML groups feed contains information about principals (groups) and its members (groups or users).
The XML must conform to the schema defined in the Groups Feed Document Type Definition.
xmlgroups
Element
To specify all groups information, including memberships, principals, and members, use the xmlgroups
element.
membership
Element
The membership element must contain one principal element. It contains zero to one members
elements.
members
Element
The members element contains zero to many principal elements.
principal
Element
To specify the principal, its name, and access to a document, use the principal element. The
principal element is a child of the membership or members element.
For any principal element that is a child of the membership element, the scope must be GROUP and
case-sensitivity-type must be EVERYTHING_CASE_INSENSITIVE.
The following code shows examples of the principal element:
case-sensitivity-type="EVERYTHING_CASE_INSENSITIVE" scope="GROUP">
abc.com/group1