beautypg.com

Google Search Appliance Configuring GSA Unification User Manual

Page 10

background image

Google Search Appliance: Configuring GSA Unification

10

Using Authorization on the Primary Search Appliance

Use authorization on the primary search appliance when you want all authorization to be performed on
the primary search appliance.

The following table tells you how to configure the primary and secondary search appliances when
authorization is performed only on the primary search appliance.

Type of User
Authentication

How the User is
Authenticated and Results are
Authorized

What to do on the Primary Search
Appliance

What to do on the
Secondary Search
Appliances

LDAP, HTTP
Basic, NTLM
HTTP, or
Kerberos for
public serve

Results are public and
authorization is not
required.

Configure the Crawl and
Index > Crawler Access page
on the Admin Console with all
crawl patterns from the
primary and all secondary
search appliances. The
primary search appliance
does not crawl these pages
and no authorization is
required.

Configure the Crawler
Access page on the
Admin Console only
with crawl patterns for
the current secondary
search appliance.

LDAP, HTTP
Basic, NTLM
HTTP, or
Kerberos for
secure serve

User logs in to network
domain. Credentials for
authorization are
collected at login time
and results are
authorized using head
requests from the
primary search
appliance.

Configure the Crawl and
Index > Crawler Access page
on the Admin Console with all
crawl patterns from the
primary and secondary
search appliances. The
primary search appliance
does not crawl these pages,
but uses the crawl credentials
for authorization. If there are
SMB URLs, add those URLs to
the Follow and Crawl
Patterns field on the Crawl
and Index >Crawl URLs
page.

Configure the Crawl
and Index > Crawler
Access page on the
Admin Console only
with crawl patterns for
the current secondary
search appliance.

Cookie site or
forms-based
authentication
for public
serve

Serve is public. No result
authorization at serve
time required.

Copy the configuration from
the Crawler Access page on
the secondary search
appliances to the primary
search appliance.

Configure the Crawl
and Index > Crawler
Access page on the
Admin Console only
with crawl patterns for
the current secondary
search appliance.

Forms-based
authentication
with external
login for
secure serve

User provides credentials
on a form configured on
the primary search
appliance. The primary
search appliance uses a
cookie for authorization
using the head requestor
for each search result
returned by a secondary
search appliance.

Configure forms
authentication for serve.

Configure form-based
authentication for
crawl.

See also other documents in the category Google Software: