beautypg.com

Scenario 4: cannot provide a sample url, Set up for scenario 4 – Google Search Appliance Managing Search for Controlled-Access Content User Manual

Page 76

background image

Google Search Appliance: Managing Search for Controlled-Access Content

76

3.

The search appliance checks its own session cookie to find out if authentication was previously
completed.

The search appliance sets a session cookie the first time a browser requests a secure search.

4.

If the search appliance’s session cookie is still valid, the authentication phase is complete.

If the search appliance’s session cookie is not valid, the search appliance checks the content server
by using the sample URL to detect if other cookies that the browser has sent are valid.

5.

If the sample URL check is successful, the content server generates a 200 response that includes a
response HTTP header with X-Username:value and/or X-Groups:value and sends it to the search
appliance.

value

becomes a verified identity for the credential group that is associated with the sample URL

and authentication is complete.

If the sample URL check is not successful, the content server sends any response except a 200 to
the search appliance.

6.

The search appliance sends a redirect response that includes a return URL parameter to the
browser (see “Return URL Parameter” on page 70).

This action forces the user to visit the Redirect URL.

7.

The browser sends a GET message with the return URL parameter to the Redirect URL.

8.

The user interacts with the Redirect URL and gets a cookie.

9.

The Redirect URL sends a redirect response with a cookie to the search appliance.

10. The authentication phase begins again at step 4. The search appliance checks the content server by

using the sample URL to detect whether the cookie is correct.

Scenario 4: Cannot Provide a Sample URL

In scenario 4, the system cannot provide a sample URL to enable the search appliance to detect if a user
is logged in. However, the user can be redirected to a form where she can log in and get cookies.

Scenario 4 is almost identical to using the Always redirect to external login server option on the
Serving > Forms Authentication page in the search appliance’s legacy authentication.

Set Up for Scenario 4

For scenario 4, set up a cookie authentication rule by specifying a Redirect URL.

Because your system cannot provide a sample URL, leave the Sample URL box blank and do not check
When sample URL fails, expect the sample page to redirect to a form, and log in to that form.

See also other documents in the category Google Software: