AnsweredAssumed Answered

Search engines and SiteMinder-protected sites

Question asked by ryan.kogelheide on Nov 23, 2011
Latest reply on Dec 1, 2011 by ryan.kogelheide
Our Intranet uses SiteMinder to protect many websites. We've got a couple of search services. One uses GSA, and one uses Ultraseek.

GSA doesn't crawl the SiteMinder-protected content, and Ultraseek uses session-spoofing to fine tune search results after the fact.

With a search engine like that I see two possible ways that a search could be presented that is appropriate to the users authorization -

1) The search engine knows about different roles beforehand and only displays results appropriate to the current user's roles.
2) The search engine knows nothing about a user's roles and just prunes the results by what it cannot see.

What's the best practice for this? Are there any other options? Is there a better way to do (2) than session-spoofing (e.g. some intelligence in the browser-side code).

Outcomes