…how to enable searching securely in 3rd-party content sources with custom security models
TRANSCRIPT
![Page 1: …how to enable searching securely in 3rd-party content sources with custom security models](https://reader033.vdocument.in/reader033/viewer/2022061618/56649dac5503460f94a9b9b3/html5/thumbnails/1.jpg)
![Page 2: …how to enable searching securely in 3rd-party content sources with custom security models](https://reader033.vdocument.in/reader033/viewer/2022061618/56649dac5503460f94a9b9b3/html5/thumbnails/2.jpg)
Security Trimming for Search in SharePoint 2013 Morgan Larsson Sveinar Rasmussen(Senior PM) (Principal SDE)
SPC049
![Page 3: …how to enable searching securely in 3rd-party content sources with custom security models](https://reader033.vdocument.in/reader033/viewer/2022061618/56649dac5503460f94a9b9b3/html5/thumbnails/3.jpg)
• …how to enable searching securely in 3rd-party content sources with custom security models
Today you’re going to learn…
![Page 4: …how to enable searching securely in 3rd-party content sources with custom security models](https://reader033.vdocument.in/reader033/viewer/2022061618/56649dac5503460f94a9b9b3/html5/thumbnails/4.jpg)
Topic: Security in Search
• Authentication• Identifying who
• Authorization• Define access policy• Once we know who,
determine type of access
![Page 5: …how to enable searching securely in 3rd-party content sources with custom security models](https://reader033.vdocument.in/reader033/viewer/2022061618/56649dac5503460f94a9b9b3/html5/thumbnails/5.jpg)
• Documentum Content Server
Security is hard... Why?
• Different security model• Map user permission model• Enforce TCS (Trusted Content
Services)
![Page 6: …how to enable searching securely in 3rd-party content sources with custom security models](https://reader033.vdocument.in/reader033/viewer/2022061618/56649dac5503460f94a9b9b3/html5/thumbnails/6.jpg)
• Problems that we will help you solve.• Enable your custom database contents in
SharePoint search
Takeaway #1
![Page 7: …how to enable searching securely in 3rd-party content sources with custom security models](https://reader033.vdocument.in/reader033/viewer/2022061618/56649dac5503460f94a9b9b3/html5/thumbnails/7.jpg)
• Security Trimmers Toolbox
Takeaway #2
COMPLEXSIMPLER
BEFORE
COMPLEXSIMPLER
AFTER
![Page 8: …how to enable searching securely in 3rd-party content sources with custom security models](https://reader033.vdocument.in/reader033/viewer/2022061618/56649dac5503460f94a9b9b3/html5/thumbnails/8.jpg)
Early Binding
Concepts of Secure Search
Keys to unlock
Word/Term Lookup
Late Binding
![Page 9: …how to enable searching securely in 3rd-party content sources with custom security models](https://reader033.vdocument.in/reader033/viewer/2022061618/56649dac5503460f94a9b9b3/html5/thumbnails/9.jpg)
SharePoint 2013 Search Architecture
SearchAdmin
Content UXCrawl
ContentProcessing Index
QueryProcessing WFE
API
AnalyticsProcessing
Crawl
Search Admin
Link
Analytics Reporting
FAST Search Index
CustomConnectors
Public API
Unit of scale/role boundary
Extensibility Points
![Page 10: …how to enable searching securely in 3rd-party content sources with custom security models](https://reader033.vdocument.in/reader033/viewer/2022061618/56649dac5503460f94a9b9b3/html5/thumbnails/10.jpg)
Search Architecture: Content feeding
Content Crawl
ContentProcessing
CustomConnectors
..
.Crawl
CustomConnectors
BCS
Documentum
ACME XML Connector
Your Connector
![Page 11: …how to enable searching securely in 3rd-party content sources with custom security models](https://reader033.vdocument.in/reader033/viewer/2022061618/56649dac5503460f94a9b9b3/html5/thumbnails/11.jpg)
SharePoint 2013 Search Architecture
SearchAdmin
Content UXCrawl
ContentProcessing Index
QueryProcessing WFE
API
AnalyticsProcessing
Crawl
Search Admin
Link
Analytics Reporting
FAST Search Index
CustomConnectors
Public API
Unit of scale/role boundary
Extensibility Points
![Page 12: …how to enable searching securely in 3rd-party content sources with custom security models](https://reader033.vdocument.in/reader033/viewer/2022061618/56649dac5503460f94a9b9b3/html5/thumbnails/12.jpg)
QueryProcessing
Query +Claims set
Result set
Search Architecture: Query evaluation
UXQueryProcessing WFE
API
STS
IND
EX
Early binding(Pre trimming)
Late binding(Post trimming)
![Page 13: …how to enable searching securely in 3rd-party content sources with custom security models](https://reader033.vdocument.in/reader033/viewer/2022061618/56649dac5503460f94a9b9b3/html5/thumbnails/13.jpg)
Demo: Searching Securely in a 3rd-Party Document Source
![Page 14: …how to enable searching securely in 3rd-party content sources with custom security models](https://reader033.vdocument.in/reader033/viewer/2022061618/56649dac5503460f94a9b9b3/html5/thumbnails/14.jpg)
Security models: Strategy
Hierarchical
Allow/Deny
Dynamic
Pre-trimming
Post-trimming
Pre&Post-trimming
Models Tools
![Page 15: …how to enable searching securely in 3rd-party content sources with custom security models](https://reader033.vdocument.in/reader033/viewer/2022061618/56649dac5503460f94a9b9b3/html5/thumbnails/15.jpg)
Demo: Post-Trimmer Implementationand Deployment
![Page 16: …how to enable searching securely in 3rd-party content sources with custom security models](https://reader033.vdocument.in/reader033/viewer/2022061618/56649dac5503460f94a9b9b3/html5/thumbnails/16.jpg)
• ISecurityTrimmer2• ISecurityTrimmerPost
• CheckAccess(…)
Trimmers and compatibility
![Page 17: …how to enable searching securely in 3rd-party content sources with custom security models](https://reader033.vdocument.in/reader033/viewer/2022061618/56649dac5503460f94a9b9b3/html5/thumbnails/17.jpg)
Time to choose solution?
Pros
Index latency
Cons
Query latencyRefiner counts
Cons
Index latency
Pros
Query latencyRefiner counts
Late binding Early binding
![Page 18: …how to enable searching securely in 3rd-party content sources with custom security models](https://reader033.vdocument.in/reader033/viewer/2022061618/56649dac5503460f94a9b9b3/html5/thumbnails/18.jpg)
1. Design2. Deployment3. Registration4. Explain Source Code5. Trimmer Action!
Pre-Trimmer Demo Overview
![Page 19: …how to enable searching securely in 3rd-party content sources with custom security models](https://reader033.vdocument.in/reader033/viewer/2022061618/56649dac5503460f94a9b9b3/html5/thumbnails/19.jpg)
A Pre-Trimmer Design
My Pre Trimmer
CLA
IMS
User Identity
datafile.txt
30 second refresh
![Page 20: …how to enable searching securely in 3rd-party content sources with custom security models](https://reader033.vdocument.in/reader033/viewer/2022061618/56649dac5503460f94a9b9b3/html5/thumbnails/20.jpg)
Demo: Pre-Trimmer Implementationand Deployment
![Page 21: …how to enable searching securely in 3rd-party content sources with custom security models](https://reader033.vdocument.in/reader033/viewer/2022061618/56649dac5503460f94a9b9b3/html5/thumbnails/21.jpg)
What did we learn today...• Searching securely in external content
sourcesLate Security Binding
Post-Trimmers
Early Security BindingPre-TrimmersBCS for Indexing
Claims
Performance & Quality Tradeoffs
And now… to get you started on your
own…..
![Page 22: …how to enable searching securely in 3rd-party content sources with custom security models](https://reader033.vdocument.in/reader033/viewer/2022061618/56649dac5503460f94a9b9b3/html5/thumbnails/22.jpg)
Sample Code? Visit our blog…
• On MSDN Blogs• Search for
«blogs msdn security 2013»
http://blogs.msdn.com/b/security_trimming_in_sharepoint_2013/
![Page 23: …how to enable searching securely in 3rd-party content sources with custom security models](https://reader033.vdocument.in/reader033/viewer/2022061618/56649dac5503460f94a9b9b3/html5/thumbnails/23.jpg)
Search HOLs and events @ SPCHOL031 – Introduction to Search in SharePoint 2013HOL034 – Exploring Search Query Rules in SharePoint 2013HOL032 – Extending the Search experience in SharePoint 2013HOL033 – People Search in SharePoint 2013
HOL035 – SharePoint Server 2013 Search Connectors and Using BCS
Meet a Search SME
Ask questions, meet the community and share knowledge!
Mon-Thu @ Exhibit Hall
Hands on Labs
Daily 10:30am-6:30pm @ HOL Lab Lounge
Ask the Experts
Discuss search!
Wed 6:15PM @ Ask the Experts Lounge
![Page 24: …how to enable searching securely in 3rd-party content sources with custom security models](https://reader033.vdocument.in/reader033/viewer/2022061618/56649dac5503460f94a9b9b3/html5/thumbnails/24.jpg)
Related Search Sessions @ SPC
Mon 3:45pm - SPC202 - Search Architecture in SharePoint 2013Speakers: Thomas Molbach, Rune Zakariassen
Thu 12:00pm – SPC233 - SPC233 Surfacing LOB Data in SharePoint 2013 and Search Speaker: Shannon Bray
Tue 10:30am - SPC044 - Crawl and Index all Enterprise Content with SharePoint 2013 Search Speaker: Vaidy Raghavan
![Page 25: …how to enable searching securely in 3rd-party content sources with custom security models](https://reader033.vdocument.in/reader033/viewer/2022061618/56649dac5503460f94a9b9b3/html5/thumbnails/25.jpg)
Q&A
![Page 26: …how to enable searching securely in 3rd-party content sources with custom security models](https://reader033.vdocument.in/reader033/viewer/2022061618/56649dac5503460f94a9b9b3/html5/thumbnails/26.jpg)
Evaluate this session now on MySPC using your laptop or mobile device: http://myspc.sharepointconference.com
MySPC
![Page 27: …how to enable searching securely in 3rd-party content sources with custom security models](https://reader033.vdocument.in/reader033/viewer/2022061618/56649dac5503460f94a9b9b3/html5/thumbnails/27.jpg)
© 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
![Page 28: …how to enable searching securely in 3rd-party content sources with custom security models](https://reader033.vdocument.in/reader033/viewer/2022061618/56649dac5503460f94a9b9b3/html5/thumbnails/28.jpg)
Content ACL Types and Encoding
Docaclmsspacl
![Page 29: …how to enable searching securely in 3rd-party content sources with custom security models](https://reader033.vdocument.in/reader033/viewer/2022061618/56649dac5503460f94a9b9b3/html5/thumbnails/29.jpg)
ACL Encoding
Encoding into queryable termwzo4215nb1hi3b1f3xxg4lsmzqwgzjonvuwg3tponxwm4bomnxw1l2tmvrxk3tjor3s5yldnqmn1xg4dpnv1he1lnnvsxeovzwk3rr
![Page 30: …how to enable searching securely in 3rd-party content sources with custom security models](https://reader033.vdocument.in/reader033/viewer/2022061618/56649dac5503460f94a9b9b3/html5/thumbnails/30.jpg)
Security FilterAND
ANDNOT
OR
Query
User1 Group1 Group2
OR
9User1 9Group1 9Group2 ...GroupN 9GroupN...
Allow Deny