Legacy metadata format (deprecated) – Google Search Appliance Feeds Protocol Developers Guide User Manual

Page 19

Advertising
background image

Google Search Appliance: Feeds Protocol Developer’s Guide

19

Legacy Metadata Format (Deprecated)

For compatibility with feeds developed before software release 7.0, the search appliance supports the
legacy metadata format for specifying per-URL ACLs in feeds. The legacy approach is limited: it does not
support namespaces or case sensitivity. However, the following meta names enable you to specify ACL
inheritance in metadata format:

google:aclinheritfrom

google:aclinheritancetype

The valid value for google:aclinheritfrom is a URL string.

Google recommends against using the legacy format unless you have legacy feeds to maintain. Instead,
Google recommends developing feeds using the approach described in Specifying Per-URL ACLs.

A per-URL ACL can be defined either in the metadata portion of the feed, or in the document itself, but
not in both places.

Specifying Group and User Access in Metadata

You can include a per-URL ACL in a feed by specifying a document, and the names of the groups or
users that have access. The list of groups and users appears inside the record element for the
document that you are feeding. To specify groups or users that have access to the restricted URL, define
meta elements with name and content attributes.

To specify a group, use the following attribute values:

For the name attribute, the value must be google:aclgroups.

For the content attribute, the value must be a single group name.

To specify more than one group, use more than one meta tag, one group for each tag.

A group name that you specify in a content attribute value must match the group name as it appears in
the authentication mechanism (LDAP or GDATA database).

For example, to specify engineering (“eng”) as the group that has access to the URL, use the following
code:

<meta name="google:aclgroups" content="eng"/>

To specify a user, use the following attribute values:

For the name attribute, the value must be google:aclusers.

For the content attribute, the value must be a single user name.

To specify more than one user, use more than one meta tag, one user for each tag.

A user name that you specify in a content attribute value must match the user name as it appears in
the authentication mechanism (LDAP or GDATA database).

For example, to specify Joe, Maria, and Salim as the users that have access to the URL, use the following
code:

<meta name="google:aclusers" content="joe"/>
<meta name="google:aclusers" content="maria"/>
<meta name="google:aclusers" content="salim"/>

If a content string ends in =owner, =peeker, =reader, or =writer, that suffix is stripped from the user
name. Furthermore, if a content string ends in =peeker, that ACL entry is ignored.

Advertising
See also other documents in the category Google Software: