Google Search Appliance Managing Search for Controlled-Access Content User Manual

Google Search Appliance: Managing Search for Controlled-Access Content

60

5.

Next, to add the comp.alpha.int web server, which uses HTTP Basic authentication, to the
credential group, Tanya clicks the HTTP tab.

The Default credential group is already selected.

6.

Tanya types http://comp.alpha.int/na.html, a sample URL for the site in the Sample URL box,
and clicks Save.

Options for adding another HTTP-based domain appear on the page. The Default credential group
is already selected.

7.

To add pers.def.int, which uses NTLM HTTP authentication, Tanya clicks the NTLM checkbox,
types pers.def.int/emea.html in the Sample URL box and clicks Save.

8.

Finally, to add the connector manager to the credential group, Tanya clicks the Connectors tab.

The Default credential group is already selected.

9.

Tanya types AlphaLCM, the name of the registered connector manager, in the Connector Manager
Name box and clicks Save.

Serving Controlled-Access Content to a User with One Set
of Credentials

Joseph is a manager who wants to gather all the personnel records for Pat Smith, an employee who
recently joined Joseph’s group from another department. Several systems in the Default credential
group contain information about Pat Smith.

The following steps give an overview of the process of serving controlled-access content with Default
credential group configured.

1.

Joseph opens the search page in a web browser, enters a query for “Pat Smith,” clicks the public
and secure content radio button, and clicks Search.

2.

The Universal Login Form checks the existing cookies that Joseph already has to see whether the
credential group is already satisfied.

The authentication mechanisms return a “rejected” response, meaning that the credential group is
not satisfied.

3.

The search appliance prompts Joseph by presenting the Universal Login Form.

4.

Joseph enters his username and password on the Universal Login Form and clicks Login.

5.

The search appliance applies Joseph’s credentials to the systems in the Default credential group and
checks each sample URL for access.

None are rejected and the Default credential group is satisfied.

6.

The search appliance queries the index and obtains a list of relevant results for Joseph’s query.

7.

The search appliance checks the list to see whether any of the results require authorization and
filters the results based on which results Joseph is authorized to view.

8.

The search appliance directs Joseph’s browser to a search results page that contains all results that
match the query “Pat Smith” that Joseph is authorized to view.