我有一个 Web 应用程序,它使用 SharePoint 2007 搜索 Web 服务 (localhost/_vti_bin/search.asmx).我的范围包含多个内容源,它们都包含业务数据(通过外部数据库上的 SQL 查询抓取内容).我需要这些内容源之一来为我提供安全修整的结果.简单来说,我有两个表:
I have a web application which consumes the SharePoint 2007 search web service (localhost/_vti_bin/search.asmx). My scope contains several content sources, all of them contain business data (content is crawled via SQL queries on external databases). I need one of these content sources to provide me security trimmed results. To put it simple, I have two tables:
- 包含内容的表 A:NodeId、Title、Content
- 具有权限的表 B:NodeId、用户名
现在,爬虫索引表 A 没有问题.我的问题是,在使用查询 Web 服务进行搜索时,我找不到对结果进行安全修整的解决方案.使用服务帐户使用 Web 服务,不会模拟登录用户.是否有可能以某种方式将用户名传递给 querypacket 对象,或者以任何其他方式检查表 B,用户名是否可以访问 NodeId?
Now, the crawler indexes table A with no problems. My problem is though, that when doing a search with the query web service, I cannot find a solution to do a security trimming of the results. The web service is consumed with a service account, no impersonation of logged in user. Is there a possibility to pass somehow the username to the querypacket object, or any other way that would check the Table B, whether the username has access to the NodeId?
由于我打算迁移到SP2013,如果MOSS2007没有办法,也许你们中的一些人也知道这个Sharepoint版本的解决方案?
Since I'm planning to migrate onto SP2013, maybe some of you also know a solution for this Sharepoint version, if there is no way in MOSS2007?
推荐答案有 3 个主要选项可用于对 SharePoint 搜索结果进行安全修整.它们包括:
There are a few 3 main options for doing security trimming of SharePoint search results. They include:
有大量博客文章展示了如何实施每个选项.
There is a great set of blog articles that show how to implement each option.
此外,这里还有关于 自定义安全修整的 SharePoint Conference 2012 会议的精彩视频.
Also, here's a great video of a SharePoint Conference 2012 session on custom security trimming.
HTH
-尤金
更多推荐
搜索网络服务中的安全修整
发布评论