> Basically you have to follow the redirects the GSA returns.
>
> But the detailed steps depends on your security configuration of the GSA
> because you have to provide the user authentication information needed for
> this security configuration
And this can get pretty complicated, pretty quickly. You should read
the entire documentation page on secure search, and pay specific
attention to Trusted Applications. This is a new feature in GSA 7.2
that will allow your application to authenticate itself against the
GSA, and then pass the user's identity (instead of the user's
credentials) to the GSA. This can significantly simplify the
authentication process, and reduce the amount of work you have to do
following redirects as Mathias described above.
However, using Trusted Applications does require that you configure
security a specific way. For example, you'll have to configure per-URL
ACLs using a feed (which is generally a good thing to do anyway). If
you're setting group ACLs instead of user ACLs (which again is a good
thing to do, since group ACLs are the best practice when using ACLs on
most systems), you'll also have to push group membership data to the
GSA using the AD Groups connector or the Policy ACL API instead of
using late-binding security or even determining group membership at
runtime via a cookie cracker.
Anyway, this can get complicated, and will depend very heavily on the
specifics of your existing security implementation. Here's the
documentation page mentioned above.
http://www.google.com/support/enterprise/static/gsa/docs/admin/72/gsa_doc_set/secure_search/
I mentioned Trusted Applications briefly in the blog post here:
http://blog.figleaf.com/2014/02/google-search-appliance-72-new-features.html
Dave Watts, CTO, Fig Leaf Software
1-202-527-9569
http://www.figleaf.com/
http://training.figleaf.com/
Fig Leaf Software is a Service-Disabled Veteran-Owned Small Business
(SDVOSB) on GSA Schedule, and provides the highest caliber vendor-
authorized instruction at our training centers, online, or onsite.