MC+A

Recently, while working on a Google Search Appliance implementation involving a custom SAML interface users were being returned documents in some cases which they did not have access to. In reviewing the logs, we found that SharePoint was responding with an HTTP status of 200.

The GSA resolves late binding by performing a head request. Our case involved a user being granted access to a document by the GSA that they shouldn’t have. For reasons unknown, when one user accessed a page, they got a 401 (unauthorized) and when another use accessed the page, they got an error. Both users were not able to access the document.

The head request was something similar to:

This appears to be a standard 200 response, but it contains something interesting. There is an additional header called SharePointError. In digging around MSDN, I found this article . The SAML bridge had to be modified to check for this head in addition to the response. The existence of this header does not indicate a failure, only that it needs to be future examined to see if the user has access.

Earlier this week, Google release version 2.4.  This is the first public accessible version of the connectors.  Connections as part of this release are:

• SharePoint
• Documentum
• LiveLink
• FileNet
• File Systems – new (aka beta)
• Databases – new (aka beta)

Upon first view of them, it looks like they incorporate many of the suggestions we have posted on this blog over the past few months.  (i.e. use javascript to produce the results [Thanks Jon Doctor!]).  We’ll be posting a how to get the best search out of SharePoint with a Google Search Appliance shortly.

Customers interested in assistance with deployment of the connectors please contact us.