How to use GSA results on custom Application/WebSite/Program

[Güner Hacıoğlu]

Hi,

I am handling xml output for public search. And I parse this xml output to my application. But I does not this xml output handling secure search. Example: I have a fileshare index. I sending query to this fileshare collection on default GSA frontend. It is OK. I can see seach results. But I sending query to this fileshare collection on my custom application, it could not getting xml output. I think, secure content querying methodology is different from public search queries.

I will appreciate for your helps. 

Best regards

Güner Hacıoğlu

[Mathias Bierl]

Yes because you have to do the configured authentication process to get a user identity.

And this has some redirecty whch you have to follow and to provide the necessary data for authentication

[Güner Hacıoğlu]

What should I do about that? What things to do?

[Mathias Bierl]

Basically you have to follow the redirects the GSA returns.

But the detailed steps depends on your security configuration of the GSA because you have to provide the user authentication information needed for this security configuration

[Dave Watts]

> Basically you have to follow the redirects the GSA returns.
>
> But the detailed steps depends on your security configuration of the GSA
> because you have to provide the user authentication information needed for
> this security configuration

And this can get pretty complicated, pretty quickly. You should read
the entire documentation page on secure search, and pay specific
attention to Trusted Applications. This is a new feature in GSA 7.2
that will allow your application to authenticate itself against the
GSA, and then pass the user's identity (instead of the user's
credentials) to the GSA. This can significantly simplify the
authentication process, and reduce the amount of work you have to do
following redirects as Mathias described above.

However, using Trusted Applications does require that you configure
security a specific way. For example, you'll have to configure per-URL
ACLs using a feed (which is generally a good thing to do anyway). If
you're setting group ACLs instead of user ACLs (which again is a good
thing to do, since group ACLs are the best practice when using ACLs on
most systems), you'll also have to push group membership data to the
GSA using the AD Groups connector or the Policy ACL API instead of
using late-binding security or even determining group membership at
runtime via a cookie cracker.

Anyway, this can get complicated, and will depend very heavily on the
specifics of your existing security implementation. Here's the
documentation page mentioned above.

http://www.google.com/support/enterprise/static/gsa/docs/admin/72/gsa_doc_set/secure_search/

I mentioned Trusted Applications briefly in the blog post here:

http://blog.figleaf.com/2014/02/google-search-appliance-72-new-features.html

Dave Watts, CTO, Fig Leaf Software
1-202-527-9569
http://www.figleaf.com/
http://training.figleaf.com/

Fig Leaf Software is a Service-Disabled Veteran-Owned Small Business
(SDVOSB) on GSA Schedule, and provides the highest caliber vendor-
authorized instruction at our training centers, online, or onsite.