Search Appliance

 

Thunderstone Search Appliance Manual

Allow Authorization URL

If enabled, the Authorization URL field of each document is used for Results Authorization instead of the document URL. (If the Authorization URL field of a document is empty, or this setting is disabled, the document URL is used.) Enabling this can speed up searches under certain circumstances.

Sometimes an entire group of documents share the same authorization. For example, on some systems the contents of a directory always have the same authorization as the directory itself. In other words, every user's permissions on the files in any directory is the same as their permissions on the directory itself. If this is the case, then Results Authorization can authorize all results in the directory just by authorizing the directory itself, once. This reduction in calls speeds up searches.

For this optimization to be effective, the Authorization URL field in the database must be populated (see Data from Field, here). For example, on systems where the contents of a directory always have the same authorization as the directory itself, Authorization URL should be set to the parent dir of each URL. The more files there are (on average) in a given directory, the more effective this optimization will be. Additionally, the Authorization Caching setting should be set to Session, so that the one-time directory authorization can be reused for each result inside the directory. (Otherwise Results Authorization must repeat the directory authorization for every result in the directory, as normal.)

The Authorization URL field may also be used on systems that do not meet the group-authorization criteria (many docs sharing the same authorization) detailed above. An environment may exist where the walked/result URL is simply not the same URL that should be used for Results Authorization. For example, the walk/result URLs may be file:// URLs, yet the authorization should take place with http:// URLs of the same host and path. In such a case, the Authorization URL field could be populated with the http:// variant to tell Results Authorization to use those URLs. In this instance, the field is being used to properly authorize URLs, and will not necessarily speed up searches (because the Authorization URLs are unique and not shared across groups).


Copyright © Thunderstone Software     Last updated: May 24 2023