Tweet
Question is regarding how to implement custom urls and document level security...
Situation
Our company currently uses v4.0 of zoom for our front end. We are currently looking at revamping our secure side (available to client only). On that side the only search capabilities we have is our knowledgebase which is using SQL full-text search. What we are wanting is to combine the KB search (SQL database) with document search (files stored outside of website directory).
Documents as mentioned are stored outside of our website directory, effectively protecting them. A table is then used to enter the name of these files, security rights associated (employee, client, consultant, dealer, ...), if they are time sensitive (only available for limited time), etc. Client retrieves the file by clicking on a link that is similar to "transferfile.aspx?id=1234", at which point system looks up the file for 1234, verifies if user has security rights to it, then sends the file to the user.
Questions
To implement a search engine, what it the best means to approach the situation described above?
Given idea presented below, can users search and return a mix of kb's and documents? Option to allow searching of only one (probably done by categories again)?
How will links be handled? A postback would be needed for the KB's and a custom url (transferfile.aspx?id=xxx) for documents. Will I have to parse the results programmatically to accomplish this? Is so, then pulling the xml format of the results seems the best option.
My Current Idea
Thanks,
Clayton
Situation
- SQL data needing indexed
- files secured outside of web, document level security, and served directly to user needing indexed
Our company currently uses v4.0 of zoom for our front end. We are currently looking at revamping our secure side (available to client only). On that side the only search capabilities we have is our knowledgebase which is using SQL full-text search. What we are wanting is to combine the KB search (SQL database) with document search (files stored outside of website directory).
Documents as mentioned are stored outside of our website directory, effectively protecting them. A table is then used to enter the name of these files, security rights associated (employee, client, consultant, dealer, ...), if they are time sensitive (only available for limited time), etc. Client retrieves the file by clicking on a link that is similar to "transferfile.aspx?id=1234", at which point system looks up the file for 1234, verifies if user has security rights to it, then sends the file to the user.
Questions
To implement a search engine, what it the best means to approach the situation described above?
Given idea presented below, can users search and return a mix of kb's and documents? Option to allow searching of only one (probably done by categories again)?
How will links be handled? A postback would be needed for the KB's and a custom url (transferfile.aspx?id=xxx) for documents. Will I have to parse the results programmatically to accomplish this? Is so, then pulling the xml format of the results seems the best option.
My Current Idea
- For the KB's, create a script in SQL server than writes out/updates a hidden html page that lists all kb article links. Links would be similar to documents above (viewKB.aspx?KB=xxxxxx) for indexing purposes, but actual viewing by client would need a postback (dynamically insert kb's into custom control on search page). Metatags will be created on each kb page generated that would categorize the kb article by product line, version, keywords, etc. But also categorize by "approved for clients" or "approved for consultants" as some kb's are approved for some users, but not others.
- For the documents, point indexer to folder outside of the website where all files are stored. Have a .desc file for each file and use categories to handle security levels.
- On search page, programmatically call search function from code-behind in aspx (c#) to ensure proper category filtering for security rights.
Thanks,
Clayton
Comment