Cookie-based authentication options – Google Search Appliance Managing Search for Controlled-Access Content User Manual
Page 68
Google Search Appliance: Managing Search for Controlled-Access Content
68
Each scenario contains detailed information about the interactions between the user, the search
appliance, the content server (sample URL, see “Sample URL” on page 69) and login server (redirect URL,
see “Sample URL Redirect to Login Form” on page 69) that take place in the different configurations.
Read the scenarios so that you can decide which configuration best matches your system’s capabilities
and your organization’s requirements.
Cookie-Based Authentication Options
To set up cookie-based authentication, you, as a search appliance administrator, use the following
options on the Serving > Universal Login Auth Mechanisms > Cookie page in Admin Console:
•
•
“Sample URL Redirect to Login Form” on page 69
•
The effects of choosing these options depend on how your system is configured, and whether your
system is set up for silent authentication (see “Silent Authentication” on page 70) and cookie cracking
(see “Cookie Cracking” on page 70).
Each of the scenarios in this document explains the best combination of options to choose for the
situation that the scenario illustrates. The following table shows which selections and system
configurations are involved in each scenario.
The following sections provide overviews of each of the options listed in the table.
Sample URL
Redirect to
Login Form
Used In
“Scenario 1: Normal Forms Authentication”
on page 72
“Scenario 2: Cannot Use Universal Login
Form” on page 73
“Scenario 3: Cannot Use Universal Login
Form and Need Identity Verified Silently”
on page 75
“Scenario 4: Cannot Provide a Sample URL”
on page 76
“Scenario 5: Necessary Cookie is Available
for Getting a Verified Identity” on page 77
“Scenario 6: Use an HTTP Basic Challenge
to Get Cookies” on page 79
“Scenario 7: Use an NTLM HTTP Login Page
to Get Cookies” on page 80