How Security works for Enterprise Search using BDC web service?
- Folks, I am going to start implementing a search integration by means of a BDC web service (I want to search some data that is exposed by means of a web service).
Now I am wondering: if SharePoint crawls the data and indexes it at the SharePoint site, then how will security work on the search results? For example, some users might not be able to see certain search results. But if they search for them, how will SharePoint search restrict them from viewing those?
I really want to know how this security mechanism actually works in the context of a BDC web service. If anyone knows, could you please be so kind as to share the knowledge or point me to some online resource where I can read the details?
Any help would be greatly appreciated!!
- Moim Hossain [Please mark as answer if this post helps you]
All Replies
- When crawling SharePoint list (and library) items, the index service also captures the permissions on the object. When the query service receives a request, it will process all the hits and then filter out the ones the user is not permitted to see. So the results, as we say, are security trimmed.
With respect to the index going through BDC to call a web service, that's a good question. Not sure how/if the index service is able to preserve security trimming for your external system.
Randy - http://sharepointhawaii.com/randywilliams
- Randy, thanks for your response. Yes, I was actually wondering about exactly this issue! How does it work? So is it true that there is no security trimming for BDC search by means of a web service? Strange!!
Can anybody tell me something more about this? I would greatly appreciate it!
- Moim Hossain [Please mark as answer if this post helps you]
- Folks, I was wondering if anybody could tell me something on this?
- Moim Hossain [Please mark as answer if this post helps you]
- The web service is SPContext aware. And the web service also uses Windows integrated authentication. The crawler using the web service should be able to record the same kind of data with security permissions. So, like Randy said, it will be security trimmed for the end user.
- Brian, thanks a lot for answering this thread. But I didn't quite get your suggestion.
You said, "The web service is SPContext aware". Did you mean that my web service should be a "SharePoint web service" (registering the web service into SharePoint... I meant a custom web service)?
"The crawler using the web service should be able to record the same kind of data with security permissions"
If my web service is returning data from a 3rd party backend system, how should the crawler preserve that information during crawling?
If you could say a line more on these, or could point me to any online resources, that would be a great help for me.
Anyway, thanks a lot for your kind reply Brian!
- Moim Hossain [Please mark as answer if this post helps you]
- Basically, BDC-based web service searching uses a two-step action:
1. It uses a method to get all IDs to be searched.
2. It calls the fetch method using each ID returned above to get the actual object and indexes that one.
Also, in the BDC ADF you specify whether it should use SSO, impersonation or integrated security.
In the case of searching, it first uses the index files to get all relevant IDs, then calls the entity fetch method per ID to return the actual object. There it also passes credentials as specified in the ADF, based on which it returns trimmed data for the end user.
Akif
- BDC does support security trimming for search results. Check this walkthrough:
- Using the Business Data Catalog Security Trimmer to Trim Search Results http://msdn.microsoft.com/en-us/library/bb447548.aspx
- AccessChecker Samples http://msdn.microsoft.com/en-us/library/aa981124.aspx
I have implemented the trimming and it works just fine.
http://nikolkos.blogspot.com/
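
A simplified model of the flow discussed in this thread, added here as an illustration; it is not SharePoint or BDC code and does not come from any of the posters. All function names and sample records are constructed. It shows the two-step crawl (list IDs, then fetch each record) and why an index built by a crawl account needs a query-time rights check against the backend, failing closed when that check cannot be completed.

```python
# Simplified model only: not SharePoint/BDC code. All names and records are constructed.

# Constructed backend: record ID -> (text, users allowed to read it)
BACKEND = {
    1: ("Q3 payroll summary", {"alice"}),
    2: ("Cafeteria menu", {"alice", "bob"}),
    3: ("Payroll policy draft", {"alice", "carol"}),
}

def id_enumerator():
    """Crawl step 1: list every record ID (runs as the crawl account)."""
    return sorted(BACKEND)

def specific_finder(record_id):
    """Crawl step 2: fetch one record by ID so it can be indexed."""
    return BACKEND[record_id][0]

def access_checker(user, record_ids):
    """Backend rights check at query time: one verdict per requested ID."""
    return [rid in BACKEND and user in BACKEND[rid][1] for rid in record_ids]

def crawl():
    """Build a word -> record IDs index. No per-user rights are stored here."""
    index = {}
    for rid in id_enumerator():
        for word in specific_finder(rid).lower().split():
            index.setdefault(word, set()).add(rid)
    return index

def search(index, term, user, trimmer=None):
    """Return hit IDs; with a trimmer, keep only hits the backend allows."""
    hits = sorted(index.get(term.lower(), ()))
    if trimmer is None:
        return hits  # untrimmed: everything the crawl account could read
    try:
        verdicts = trimmer(user, hits)
    except Exception:
        return []  # fail closed if the backend check is unavailable
    if len(verdicts) != len(hits):
        return []  # fail closed on a malformed answer
    return [rid for rid, ok in zip(hits, verdicts) if ok]

if __name__ == "__main__":
    idx = crawl()
    for who in ("alice", "bob", "carol"):
        print(who, search(idx, "payroll", who), search(idx, "payroll", who, access_checker))
```

In this model the stale index entry case (a record removed from the backend after the crawl) is also denied, because the rights check is made against the backend at query time rather than against the index.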


