PassMark Logo
Home » Forum

Announcement

Collapse
No announcement yet.

Filtering results based on network file permissions

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Filtering results based on network file permissions

    Hi,

    If we were to use Zoom for our Intranet project what would be the best way of filtering results per user?

    Here's the issue:

    1. We have a bunch of restricted pages that we DO wish Zoom to index
    2. We wish to filter out (i.e. exclude) the restricted pages search results for normal users without access to these restricted pages
    3. We wish to include the restricted pages results for users WITH permissions to access these pages

    This is evidently an issue that requires integration with our

    Now, all our permissions are handled via Active Directory and we have several thousand users. With this in mind we are wondering which is the most effective way of returning the searches filtered by user permission.

    Does your system integrate with Active directory?

    Option 1
    We are wondering if we can check and limit each result on a result-by-result basis.
    For instance, is there a way of checking if the result (which is about to be displayed) to ensure it links to a file/folder that the user actually has access to and if not, do not display it?

    Option 2
    Alternatively, Is there a way of pre determining categories that the user may have permissions to and limiting the search to only these categories when the user instigates their search? For instance, If I cannot access items placed into the category "Restrict" then could we, in effect, have this removed from the search returns? In this way, we are limiting/filtering results before they are returned, rather than the more intensive Option 1 (above).

    I imagine this is quite a common problem so I wonder if anyone has had similar requests and how they were resolved.

    Kind regards,

    Chris

  • #2
    We have indeed discussed similar situations like this several times on the forum. This one might be of most interest:
    http://www.wrensoft.com/forum/showthread.php?t=1281

    Zoom does not provide built-in support for Active Directory features or have anyway of knowing Active Directory settings. However, when you click on the search result links and access the files - your web server settings (ie. Active Directory) will obviously apply. So what we are discussing is only in regards to omitting results from the search results listed based on user permissions.

    Option 1 is a possibility via custom changes to the search script. There is no generic way of providing support for this as a feature in the product. Every database setup is different and you will need custom code to access your security system (in this case, Active Directory), retrieve user permission information, and then apply the filtering as required.

    Option 2 is similar to what is described in the forum thread I linked to above. That is, you can generate ZOOMCATEGORY meta tags on your web pages, according to user permissions. You can then use the built-in Category feature in Zoom to filter out results accordingly. This is probably the best solution provided you don't mind the possibility of sneaky users inserting a different category option to see the other search results. This can, of course, also be prevented with custom script changes.
    --Ray
    Wrensoft Web Software
    Sydney, Australia
    Zoom Search Engine

    Comment

    Working...
    X