Google Search Appliance Feeds Protocol Developers Guide User Manual

Google Search Appliance: Feeds Protocol Developer’s Guide

14

The authmethod attribute for the record defines the type of authentication. By default, authmethod is
set to “none”. To enable secure search from a feed, set the authentication attribute for the record to
ntlm, httpbasic, or httpsso. For example, to enable authentication for protected files on
localhost.example.com via Forms Authentication, you would define the record as:

<record url="http://www.localhost.example.com/" authmethod="httpsso">

To grant the search appliance access to the protected pages in your feed, log into the Admin Console.

For URLs that are protected by NTLM and Basic Authentication, follow these steps:

1.

Open Content Sources > Web Crawl > Secure Crawl > Crawler Access

2.

Define a pattern that matches the protected URLs in the feed.

3.

Enter a username and password that will allow the crawler access to the protected contents. For
contents on a Microsoft IIS server, you may also need to specify a domain.

4.

The Make Public check box controls whether the search appliance checks for valid authentication
credentials before including protected contents in the search results. If you select the Make Public
check box, the record is displayed in search results. Otherwise, the record is shown when the user
has valid authentication credentials; users who do not have access to the protected content will not
see it in their search results. By default, search results are protected.

For URLs that are protected by Single Sign-on, follow these steps:

1.

Open Content Sources > Web Crawl > Secure Crawl > Forms Authentication.

2.

Under Sample Forms Authentication protected URL, enter the URL of a page in the protected
site that will redirect the user to a login form. The login form must not contain JavaScript or frames.
If you have more than one login page, create a Forms Authentication rule for each login.

3.

Under URL pattern for this rule, enter a pattern that matches the protected URLs in the feed.

4.

Click Create. In the browser page that opens, use the login form to enter a valid username and
password. These credentials allow the crawler access to the protected contents. If the login
information is accepted, you should see the protected page that you specified. If you can see the
protected URL contents, click the Save and Close button. The Forms Authentication page now
displays your rule.

5.

Make any changes to the rule. For example, the Make Public check box controls whether the
search appliance checks for valid authentication credentials before including protected contents in
the search results. If you select the Make Public check box, the record is displayed in search results.
Otherwise, the record is shown when the user has valid authentication credentials; users who do
not have access to the protected content will not see it in their search results. By default, search
results are protected.

6.

When you have finished making changes to the rule, click Save.

Note: The Make Public check boxes will still apply to documents submitted through a content feed. If
you submit a content feed with the authmethod attribute set, ensure that the fed URLs do not match
any patterns on the Content Sources > Web Crawl > Secure Crawl > Crawler Access or Content
Sources > Web Crawl > Secure Crawl > Forms Authentication pages that have the Make Public check
box checked, unless you want those results to be public.

This is one way of providing access to protected documents. For more information on authentication,
refer to the online help that is available in the search appliance’s Admin Console, and in Managing Search
for Controlled-Access Content.