Google Search Appliance Managing Search for Controlled-Ac Uživatelský manuál Strana 56
- Strana / 85
- Tabulka s obsahem
- KNIHY
Hodnocené. / 5. Na základě hodnocení zákazníků
Google Search Appliance: Managing Search for Controlled-Access Content 56
Serving Controlled-Access Content to the User as
Public Content
ABC Company has decided to make the search results public: the
events
,
announce
, and
directory
servers control access to their content, but employees can discover the information they need by
performing a search query.
Eric is an employee of ABC Company. He wants to find an announcement about a colleague’s recent
promotion to Director. Eric opens the search page in a web browser and enters a query about “Maria
Jones director”. The search appliance performs the following steps before sending Eric to the search
results page:
1. The search appliance checks to see whether any of the content sources require authorization.
Although the search appliance had to provide credentials to index the content, the Make Public?
checkbox is selected for all of ABC Company’s content sources. All content in the index is labeled as
public: no authorization check is required.
2. The search appliance queries the index and obtains a list of relevant results for Eric’s query.
3. Eric sees search results from
events.abc.int
,
announce.abc.int
, and
directory.abc.int
that
match the query “Maria Jones director”. For instance, Eric finds an all-hands meeting that Maria
scheduled from
events
, a notice about her promotion from
announce
, and her office phone
number and location from
directory
.
When Eric clicks on one of the links in the search results page, the server that hosts the page requests a
response that includes an authentication header. If Eric hasn’t logged in elsewhere, he’ll have to enter a
username and password on a login form. Although the search appliance indexed the content as “public,”
the server still requires credentials before it displays the full document.
The next time that Eric clicks a link on his search results page, however, his browser forwards an
authentication header based on his user name and password to the server. If all the servers in this
example are on the same domain and accept the same credentials, Eric shouldn’t have to log in again
for as long as he keeps the browser open.
Use Case 2: One Set of Credentials for Multiple
Authentication Mechanisms
AlphaLyon is a multi-national corporation that has various different content servers that use different
authentication mechanisms.
•
http://insidealpha.com
is the URL for content protected by a single sign-on (SSO) server.
•
apacheserver.alphainside.com
is a server for content protected by a custom apache script that
uses cookies from the SSO system.
•
comp.alpha.int
is a simple web server that uses HTTP Basic authentication. This server hosts
some personnel information from North America.
•
pers.def.int
is a Microsoft IIS web server that uses NTLM v2 HTTP. This server hosts global
personnel information, excluding North America.
•
AlphaLCM
is a connector manager with one connector instance that is used to traverse and index
information (including some global personnel information) from AlphaLyon’s Documentum content
management system.
There is a single corporate-wide set of credentials for each employee.
- Google Search Appliance 1
- 1600 Amphitheatre Parkway 2
- Mountain View, CA 94043 2
- September 2012 2
- Google, Inc 2
- Contents 3
- Overview Chapter 1 5
- Access Content 8
- Sources as Public or Secure 13
- Public Search Results 14
- Authentication 15
- Credential Groups 16
- Primary Verified Identity 17
- Universal Login Form 18
- Credential Group Satisfaction 18
- Cookie-Based Authentication 20
- Multiple Cookie Domains 22
- HTTP-Based Authentication 23
- Kerberos-Based Authentication 25
- Keytab File 27
- More Kerberos Information 31
- Connectors 33
- Enabling Group Lookup 36
- NTLM HTTP 36
- Using Silent Authentication 37
- Authorization 38
- Flexible Authorization 39
- Legacy Authorization 40
- Policy Access Control Lists 40
- Per-URL ACLs and Policy ACLs 41
- Crawling Per-URL ACLs 42
- Policy ACLs 43
- Using the Page Layout Helper 51
- Mechanisms Chapter 3 53
- Setting up Crawl and Index 54
- Authentication Mechanisms 56
- Setting Up Crawl and Index 57
- Setting Up Serve 59
- Two Connectors 61
- Tickets for Secure Serve 63
- Obtaining a keytab File 64
- Scenarios Chapter 4 67
- Sample URL 69
- Redirect URL 69
- Silent Authentication 70
- Cookie Cracking 70
- Set Up for Scenario 1 72
- Set Up for Scenario 2 73
- Set Up for Scenario 3 75
- Set Up for Scenario 4 76
- Getting a Verified Identity 77
- Set Up for Scenario 5 78
- Get Cookies 79
Související produkty a manuály pro Software Google Search Appliance Managing Search for Controlled-Ac
(13 stránky)© 2020, manymanuals.cz. Všechna práva vyhrazena. | 0.056 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Komentáře k této Příručce