Manual
Table Of Contents
- Getting the Most from Your Google Search Appliance
- Contents
- Introduction
- Planning
- Setting Up
- Crawling and Indexing
- Search Experience
- Using Features to Enhance the Search Experience
- Using Front Ends
- Forcing Specific Documents to the Top of Search Results
- Suggesting Alternative Search Terms along with Results
- Grouping Search Results by Topic
- Providing Options for Navigating Search Results
- Displaying Expert Profiles with Search Results
- Providing Real-Time Connectivity to Business Applications
- Integrating Personal Content from Google Apps
- Restricting Search Results
- Controlling Automatic Searching of Synonyms
- Influencing Results Rankings
- Segmenting the Index
- Providing User Results
- Enabling User Alerts
- Displaying Translations of Search Results
- Showing Document Previews in Search Results
- Customizing the User Interface
- Collecting Metrics about User Clicks
- Essentials
- Using the Admin Console
- Using Language Options
- Extending Universal Search
- Monitoring a Search Appliance
- Getting Help
- Quick Reference
- Index
Google Search Appliance: Getting the Most from Your Google Search Appliance Crawling and Indexing 20
Managing Serve of Controlled-Access Content
When a user issues a search request for controlled-access content, the search appliance verifies the
user’s identity and determines whether the user has authorization to view the content. This check is
performed before the search appliance displays any content in search results. By performing the results
access control checks in real-time, the Google Search Appliance ensures that users only see results they
are authorized to view.
A search appliance can use the following methods to establish the user’s identity:
• HTML Forms-based Authentication
• HTTP Basic or NTLM HTTP
• Client Certificates
• IWA (Integrated Windows Authentication) / Kerberos authentication against a domain controller.
• The SAML Authentication and Authorization Service Provider Interface (SPI)
• Connectors
• LDAP
Once the user’s identity has been established, a search appliance attempts to determine whether the
user has access to the secure content that matches their search. The search appliance performs
authorization checks by applying flexible authorization rules. You can configure rules for:
• Cache
• Connectors
• Deny
• Headrequest
• Policy Access Control List (ACL)
• SAML
• Per-URL ACL
The search appliance applies the rules in the order in which they appear in the authorization routing
table on the Serving > Flexible Authorization page.
If the authorization check is successful, the secure content that matches the search query is included in
the user’s search results.
Configuring Serve of Controlled-Access Content
The process for configuring serve of controlled-access content is dependent on the security method you
want to use, as described in the following list:
• To configure a search appliance to perform forms authentication, use the Serving > Universal
Login Auth Mechanisms > Cookie page.
• To configure a search appliance to perform HTTP Basic or NTLM HTTP authentication, use the
Serving > Universal Login Auth Mechanisms > HTTP page.
• To configure the search appliance to require X.509 Certificate Authentication for search requests
from users, use the Serving > Universal Login Auth Mechanisms > Client Certificate page.