Security trimming in search web service

一个人想着一个人 提交于 2019-12-08 09:50:48

问题


I have a web application which consumes the SharePoint 2007 search web service (http://localhost/_vti_bin/search.asmx). My scope contains several content sources, all of them contain business data (content is crawled via SQL queries on external databases). I need one of these content sources to provide me security trimmed results. To put it simple, I have two tables:

  • Table A with contents: NodeId, Title, Content
  • Table B with permissions: NodeId, Username

Now, the crawler indexes table A with no problems. My problem is though, that when doing a search with the query web service, I cannot find a solution to do a security trimming of the results. The web service is consumed with a service account, no impersonation of logged in user. Is there a possibility to pass somehow the username to the querypacket object, or any other way that would check the Table B, whether the username has access to the NodeId?

Since I'm planning to migrate onto SP2013, maybe some of you also know a solution for this Sharepoint version, if there is no way in MOSS2007?


回答1:


There are a few 3 main options for doing security trimming of SharePoint search results. They include:

  1. ISecurityTrimmerPre - New in SharePoint 2013. Allows adding additional claims for the user before a search query is executed
  2. ISecurityTrimmerPost - Also known as ISecurityTrimmer2 in earlier versions of SharePoint. Allows trimming search results on a 1 by 1 basis after a search query is executed
  3. Business Connectivity Services Indexing Connectors - Allows you to supply ACLs to the search indexer when it is crawling the content source

There is a great set of blog articles that show how to implement each option.

Also, here's a great video of a SharePoint Conference 2012 session on custom security trimming.

HTH

-Eugene



来源:https://stackoverflow.com/questions/16100792/security-trimming-in-search-web-service

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!